From 672c56be39139523c2ae535efc00c6972ed666d9 Mon Sep 17 00:00:00 2001 From: Michael Marineau Date: Sun, 16 Feb 2014 23:25:21 -0800 Subject: [PATCH] bump(dev-libs/openssl): sync with upstream Current version (openssl-1.0.1c) is old and has a parallel-make build issue that can cause the build to fail randomly. Upgrade time! New stable version is openssl-1.0.1f --- .../portage-stable/dev-libs/openssl/ChangeLog | 191 ++++++++- .../portage-stable/dev-libs/openssl/Manifest | 69 ++-- .../openssl/files/gentoo.config-0.9.8 | 0 .../openssl/files/gentoo.config-1.0.1 | 164 ++++++++ .../openssl-1.0.0d-alpha-fix-unalign.patch | 59 --- .../files/openssl-1.0.0d-alpha-typo.patch | 13 - .../files/openssl-1.0.0e-pkg-config.patch | 42 -- .../files/openssl-1.0.1-parallel-build.patch | 17 + .../files/openssl-1.0.1a-hmac-ia32cap.patch | 52 --- .../files/openssl-1.0.1e-bad-mac-aes-ni.patch | 35 ++ ...1-ipv6.patch => openssl-1.0.1e-ipv6.patch} | 58 +-- .../files/openssl-1.0.1e-perl-5.18.patch | 375 ++++++++++++++++++ .../openssl-1.0.1e-rdrand-explicit.patch | 28 ++ .../openssl-1.0.1e-s_client-verify.patch | 18 + .../files/openssl-1.0.1e-tls-ver-crash.patch | 34 ++ .../files/openssl-1.0.1f-perl-5.18.patch | 356 +++++++++++++++++ ...-1.0.1f-revert-alpha-perl-generation.patch | 83 ++++ .../dev-libs/openssl/metadata.xml | 4 + .../dev-libs/openssl/openssl-0.9.8v.ebuild | 141 ------- .../dev-libs/openssl/openssl-0.9.8w.ebuild | 141 ------- .../dev-libs/openssl/openssl-0.9.8x.ebuild | 141 ------- ...sl-0.9.8u.ebuild => openssl-0.9.8y.ebuild} | 10 +- .../dev-libs/openssl/openssl-1.0.0h.ebuild | 213 ---------- .../dev-libs/openssl/openssl-1.0.0j.ebuild | 6 +- ...1.0.1a.ebuild => openssl-1.0.1e-r1.ebuild} | 59 ++- ...1.0.1b.ebuild => openssl-1.0.1e-r2.ebuild} | 60 ++- .../dev-libs/openssl/openssl-1.0.1e-r3.ebuild | 241 +++++++++++ ...sl-1.0.1c.ebuild => openssl-1.0.1e.ebuild} | 36 +- ...sl-1.0.0i.ebuild => openssl-1.0.1f.ebuild} | 92 +++-- 29 files changed, 1766 insertions(+), 972 deletions(-) mode change 100644 => 100755 sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/gentoo.config-0.9.8 create mode 100755 sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/gentoo.config-1.0.1 delete mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.0d-alpha-fix-unalign.patch delete mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.0d-alpha-typo.patch delete mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.0e-pkg-config.patch delete mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1a-hmac-ia32cap.patch create mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-bad-mac-aes-ni.patch rename sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/{openssl-1.0.1-ipv6.patch => openssl-1.0.1e-ipv6.patch} (94%) create mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-perl-5.18.patch create mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-rdrand-explicit.patch create mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-s_client-verify.patch create mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-tls-ver-crash.patch create mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1f-perl-5.18.patch create mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1f-revert-alpha-perl-generation.patch delete mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8v.ebuild delete mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8w.ebuild delete mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8x.ebuild rename sdk_container/src/third_party/portage-stable/dev-libs/openssl/{openssl-0.9.8u.ebuild => openssl-0.9.8y.ebuild} (92%) delete mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.0h.ebuild rename sdk_container/src/third_party/portage-stable/dev-libs/openssl/{openssl-1.0.1a.ebuild => openssl-1.0.1e-r1.ebuild} (76%) rename sdk_container/src/third_party/portage-stable/dev-libs/openssl/{openssl-1.0.1b.ebuild => openssl-1.0.1e-r2.ebuild} (75%) create mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1e-r3.ebuild rename sdk_container/src/third_party/portage-stable/dev-libs/openssl/{openssl-1.0.1c.ebuild => openssl-1.0.1e.ebuild} (85%) rename sdk_container/src/third_party/portage-stable/dev-libs/openssl/{openssl-1.0.0i.ebuild => openssl-1.0.1f.ebuild} (66%) diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/ChangeLog b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/ChangeLog index c8b7f12cfb..9471bc1c09 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/ChangeLog +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/ChangeLog @@ -1,6 +1,193 @@ # ChangeLog for dev-libs/openssl -# Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/ChangeLog,v 1.470 2013/02/03 23:44:01 ago Exp $ +# Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/ChangeLog,v 1.513 2014/01/26 11:59:33 ago Exp $ + + 26 Jan 2014; Agostino Sarubbo openssl-1.0.1f.ebuild: + Stable for sparc, wrt bug #497838 + + 26 Jan 2014; Agostino Sarubbo openssl-1.0.1f.ebuild: + Stable for ppc64, wrt bug #497838 + + 26 Jan 2014; Agostino Sarubbo openssl-1.0.1f.ebuild: + Stable for ia64, wrt bug #497838 + + 25 Jan 2014; Mike Frysinger + +files/openssl-1.0.1f-revert-alpha-perl-generation.patch, + openssl-1.0.1f.ebuild: + Fix build for alpha systems #499086 by Matt Turner. + + 21 Jan 2014; Pawel Hajdan jr openssl-1.0.1f.ebuild: + x86 stable wrt security bug #497838 + + 20 Jan 2014; Agostino Sarubbo openssl-1.0.1f.ebuild: + Stable for ppc, wrt bug #497838 + + 19 Jan 2014; Agostino Sarubbo openssl-1.0.1f.ebuild: + Stable for alpha, wrt bug #497838 + + 19 Jan 2014; Markus Meier openssl-1.0.1f.ebuild: + arm stable, bug #497838 + + 18 Jan 2014; Pacho Ramos openssl-1.0.1f.ebuild: + amd64 stable, bug #497838 + + 17 Jan 2014; Jeroen Roovers openssl-1.0.1f.ebuild: + Stable for HPPA (bug #497838). + + 17 Jan 2014; Mike Frysinger files/gentoo.config-1.0.1, + openssl-1.0.1f.ebuild: + Initial arm64 and little endian ppc support. + + 17 Jan 2014; Mike Frysinger openssl-1.0.1f.ebuild: + Mark m68k/s390/sh stable #497838. + + 16 Jan 2014; Mike Frysinger openssl-1.0.1e-r1.ebuild: + Mark m68k/s390/sh stable. + + 06 Jan 2014; Lars Wendler openssl-1.0.1f.ebuild, + +files/openssl-1.0.1f-perl-5.18.patch: + Fixed build with perl-5.18 (bug #497286). + +*openssl-1.0.1f (06 Jan 2014) + + 06 Jan 2014; Mike Frysinger +openssl-1.0.1f.ebuild: + Version bump. + +*openssl-1.0.1e-r3 (20 Dec 2013) + + 20 Dec 2013; Mike Frysinger + +files/openssl-1.0.1e-rdrand-explicit.patch, + +files/openssl-1.0.1e-tls-ver-crash.patch, +openssl-1.0.1e-r3.ebuild: + Add fix from upstream for crashes w/TLS 1.2 #494816 by Agostino Sarubbo. Also + add fix from upstream for rdrand selection. + + 26 Nov 2013; Lars Wendler -openssl-0.9.8u.ebuild, + -openssl-0.9.8v.ebuild, -openssl-0.9.8w.ebuild, -openssl-0.9.8x.ebuild, + -openssl-1.0.0h.ebuild, -openssl-1.0.0i.ebuild, -openssl-1.0.1a.ebuild, + -openssl-1.0.1b.ebuild, -openssl-1.0.1c.ebuild, -openssl-1.0.1d.ebuild, + -openssl-1.0.1d-r1.ebuild, openssl-1.0.1e.ebuild, + -files/openssl-1.0.0d-alpha-fix-unalign.patch, + -files/openssl-1.0.0d-alpha-typo.patch, + -files/openssl-1.0.0e-pkg-config.patch, -files/openssl-1.0.1-ipv6.patch, + -files/openssl-1.0.1a-hmac-ia32cap.patch, + -files/openssl-1.0.1d-s3-packet.patch: + Removed old vulnerable versions. Removed all but ppc64 KEYWORDS from + openssl-1.0.1e.ebuild. + +*openssl-1.0.1e-r2 (23 Oct 2013) + + 23 Oct 2013; Mike Frysinger + +files/openssl-1.0.1e-s_client-verify.patch, +openssl-1.0.1e-r2.ebuild: + Add fix for s_client verify #472584 by Fabio Coatti. Disable 128bit math + logic for now #469976 by Jim Faulkner. + + 15 Oct 2013; Mike Frysinger openssl-1.0.1e-r1.ebuild: + Disable 5 second delay in config when building for some targets. + + 15 Oct 2013; Mike Frysinger + +files/openssl-1.0.1e-perl-5.18.patch, openssl-1.0.1e-r1.ebuild: + Add patch to fix building w/perl-5.18 #483820 by Mike Gilbert. + + 14 Oct 2013; Mike Frysinger metadata.xml, + openssl-1.0.1e-r1.ebuild: + Add USE=tls-heartbeat for controlling the heartbeat extension. + + 13 Oct 2013; Agostino Sarubbo openssl-0.9.8y.ebuild, + openssl-1.0.1e-r1.ebuild: + Stable for sparc, wrt bug #455592 + + 08 Oct 2013; Mike Frysinger + files/openssl-1.0.1-parallel-build.patch: + Fix parallel build failures when generating header files. + + 23 Sep 2013; Jack Morgan openssl-1.0.1e-r1.ebuild: + removing ppc64 openssl-1.0.1e-r1 wrt bug #469976 + + 23 Sep 2013; Jack Morgan openssl-1.0.1e.ebuild, + openssl-1.0.1e-r1.ebuild: + ppc64 stable for openssl-1.0.1e and ~ppc64 for openssl-1.0.1e-r1 wrt bug + #469976 + + 22 Sep 2013; Agostino Sarubbo openssl-0.9.8y.ebuild, + openssl-1.0.1e-r1.ebuild: + Stable for alpha, wrt bug #455592 + + 22 Sep 2013; Agostino Sarubbo openssl-0.9.8y.ebuild, + openssl-1.0.1e-r1.ebuild: + Stable for ia64, wrt bug #455592 + + 15 Sep 2013; Markus Meier openssl-1.0.1e-r1.ebuild: + arm stable, bug #455592 + + 15 Sep 2013; Agostino Sarubbo openssl-0.9.8y.ebuild, + openssl-1.0.1e-r1.ebuild: + Stable for ppc64, wrt bug #455592 + + 15 Sep 2013; Agostino Sarubbo openssl-0.9.8y.ebuild, + openssl-1.0.1e-r1.ebuild: + Stable for ppc, wrt bug #455592 + + 15 Sep 2013; Agostino Sarubbo openssl-0.9.8y.ebuild, + openssl-1.0.1e-r1.ebuild: + Stable for x86, wrt bug #455592 + + 15 Sep 2013; Agostino Sarubbo openssl-0.9.8y.ebuild, + openssl-1.0.1e-r1.ebuild: + Stable for amd64, wrt bug #455592 + + 12 Sep 2013; Jeroen Roovers openssl-1.0.1e-r1.ebuild: + Stable for HPPA (bug #455592). + + 09 Jun 2013; Mike Frysinger metadata.xml: + Add upstream CPE tag (security info) from ChromiumOS. + + 21 May 2013; Mike Frysinger +files/gentoo.config-1.0.1, + openssl-1.0.1a.ebuild, openssl-1.0.1b.ebuild, openssl-1.0.1c.ebuild, + openssl-1.0.1d-r1.ebuild, openssl-1.0.1d.ebuild, openssl-1.0.1e-r1.ebuild, + openssl-1.0.1e.ebuild: + Update the target used for s390x systems #470740 by Agostino Sarubbo. + + 11 May 2013; Mike Frysinger openssl-1.0.1c.ebuild: + Mark m68k/s390/sh/sparc stable #454566. + +*openssl-1.0.1e-r1 (27 Apr 2013) + + 27 Apr 2013; Mike Frysinger + +files/openssl-1.0.1e-bad-mac-aes-ni.patch, +openssl-1.0.1e-r1.ebuild: + Tweak DESCRIPTION to remove protocol version info to be lazy and avoid keeping + it up-to-date #458204 by Walter. Automatically enable optimized EC 64bit code + when the compiler supports it #460790 by Ameretat.Reith. Add fix from + upstream when running on AES NI platforms #463444 by Markus Oehme. + +*openssl-1.0.1e (20 Feb 2013) + + 20 Feb 2013; Mike Frysinger + +files/openssl-1.0.1e-ipv6.patch, +openssl-1.0.1e.ebuild: + Version bump #458414 by Per Pomsel. + + 19 Feb 2013; Zac Medico openssl-1.0.1d-r1.ebuild: + Fix for prefix and add ~arm-linux + ~x86-linux keywords. + +*openssl-1.0.1d-r1 (08 Feb 2013) + + 08 Feb 2013; Mike Frysinger + +files/openssl-1.0.1d-s3-packet.patch, +openssl-1.0.1d-r1.ebuild: + Add fix from upstream for 1.0.1c regression #456108 by Ryan Hill. + + 08 Feb 2013; Mike Frysinger openssl-1.0.0h.ebuild, + openssl-1.0.0i.ebuild, openssl-1.0.0j.ebuild, openssl-1.0.1a.ebuild, + openssl-1.0.1b.ebuild, openssl-1.0.1c.ebuild, openssl-1.0.1d.ebuild: + Drop /~checkout~/ from pld cvs url #455892 by Csaba Péter. + +*openssl-0.9.8y (06 Feb 2013) +*openssl-1.0.1d (06 Feb 2013) + + 06 Feb 2013; Mike Frysinger +openssl-0.9.8y.ebuild, + +openssl-1.0.1d.ebuild: + Version bump #455592 by Hanno Boeck. + + 04 Feb 2013; Agostino Sarubbo openssl-1.0.1c.ebuild: + Stable for alpha, wrt bug #454566 03 Feb 2013; Agostino Sarubbo openssl-1.0.1c.ebuild: Stable for ia64, wrt bug #454566 diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/Manifest b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/Manifest index 582a5eabbf..cd3d71a4b5 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/Manifest +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/Manifest @@ -1,41 +1,56 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + AUX gentoo.config-0.9.8 4246 SHA256 a38f4a9af890303d764b04eab64dd618b60599762d3ab3286b667c1ee38d2b75 SHA512 04ca7a9cb42762060216cf2696003d1087b1504e7f79278b0509b6a03da0bba0a13cdbe9fd713754379e09dc6bf0e7354fc1bcbaf8a7d75f4a400fe6c8868ab7 WHIRLPOOL 3d5524dda714eec5236b7d15e36c0633d75c750ba5555df2c5da59781cd6d0005f5810dad001758635def1894f27f83fde45e80f51c5467603c54a2b1389e22a AUX gentoo.config-1.0.0 4748 SHA256 67ae024ebb87a8236a358a081f2d9b038eef2d0f432705d05063274e7af28b4e SHA512 c68b7eb3d07a3b619f6c3e5f508e594efe2991aef91d8904019f967c20a7e9e9604d8fce1271b5bc247856411e81a800eed7710da46645b9d5d9e5cb184ab99b WHIRLPOOL a849c1ea7d7d0dfeac675636e801dd050c66866f6327e6619f233ede0fc0e59f5f2f554f7812a0c33bd40d76a7ba85ca3aab0a00f964e971de97f5af11a527bc +AUX gentoo.config-1.0.1 4980 SHA256 e7dd01bc76f0262c91b0a3a56bbf0675feedd6d5c6e61f8dcb5e3c538b113424 SHA512 1900cf603954dc4213d84d2f1f10fb74310dd8134f9c1bcf5f633a45e2ab27398f51656ac2f4165f86be78b19283374689766e3a5d7b43e16afeff884f31a1a0 WHIRLPOOL 2fd9eb3e46a262509f46f5ee6cef963e0bf32ff2c2dc3acb2fdf890326b4db801c0c90814df6f206fc6bc8aaf1184eb68289beb33e36dcebd890bb9e2855545a AUX openssl-0.9.8e-bsd-sparc64.patch 1484 SHA256 8a79f022a17a7fadb4eb708538b41a7a034e21ad84162beb1f7fa7cff5eb487e SHA512 dbbfae5ce19a4247a6b1ca4a45ca6c15904e13e6bf603447cb5d9820292ceb411792e29db0001c5869e3c4cb0a8afe7fb64d35f007052efc68098301c2e81def WHIRLPOOL 36959cfb8a3f2ac05b28fb6c0e28574f0267ddb6f89471e663ee370a1a1ce3e6c85c6a637098acdac4644f4c20370e2775d9c2610ff03a5ae2a7662d79a60e95 AUX openssl-0.9.8h-ldflags.patch 1048 SHA256 2c7cca7b59efc9da5de2efebec2085933295c2875d221c54897dae770cca45de SHA512 71faa144f3a5c9e9b55a05d856e8d1e6d76fd3c00078d7e44a1637076cc86eea018d533ad1dd677a28ebbb1418794b7d029d993d66601f2bc02f497b1cc7eb6e WHIRLPOOL bab4de438c687752e497c8cc3dd2d24015d189fdcccaec5e35c1f738177ad39555dc70d80fd3efba46db425bdf3b471f380a91466a2d17316d491755893763bd AUX openssl-0.9.8m-binutils.patch 684 SHA256 1e4475f7183ec237d129b686d4ca5265bf7eb34642e7d9e77cbe8ad9a97b4876 SHA512 5e8a20111bd4809e7375c7323dab2c2edd6a131d1ec2377ee99c5e06ceb7b4b000e9606ba6d0e68cd67d8e001cc8194e11e301eace0feb066d5f3c5b331b5f04 WHIRLPOOL dd4a0329e571e4f9322806fce2e6c510b978b68e5c6c64bfbe6993da16989c1a5451fe1e5b0509c0022925ca356cf3309799cdc204998107425fb016cb49da2d AUX openssl-1.0.0a-ldflags.patch 891 SHA256 f04cef1b912681393236f9631792cd404783586c2fd8e0f011ace6236cc6dc4a SHA512 8ced9f22e413f81ff0563793bd6b765912af16671a0d10bff0c518c44bced0177dbcd6536359ff5b6bd5d49fa5032de47c719198444254d4814e4b21301f606c WHIRLPOOL f9b2641b8df926ff5d9d5cf5a7737f5cb4a3a2be2225911ebebd944f13219acfac07d496eec9a8e91af3f50ac1275dc7b0652354e8e958a0d3f6708e641f8970 -AUX openssl-1.0.0d-alpha-fix-unalign.patch 1377 SHA256 e5f1c60ea82f22d7f388ecc9db42aa872e1329a672e41297bec2bf9b7a662244 SHA512 dbd953cfeeac148277a03ef86bf3e293fa2620c0b4d18888c141ac234b9d492b016745553b6c8937eee784dea5706be29794c7a456928da0d7ce47f4ac63d120 WHIRLPOOL 8fd0ce44a2f64df2a55155162a606edd2b1c1cd82196f6be89de0a8c2262067eedf1f14647407c9bb3d8eda7598c4eda078f6d597cfc97487cb4e54d9c6e196f -AUX openssl-1.0.0d-alpha-typo.patch 235 SHA256 60d2cb4cae47b5d61aeca2b6e0ae45d82c3b2ba698df72d10ee26370abd354ab SHA512 5993c77d15cd19353c218863e65d773c42c2a11e35247f991d7f388965e64fef3aae0659c02698bd5b4cd28dcbf7c4c40beb63dea1ac7b4ec041965eaf16b0db WHIRLPOOL 9eb3808e8ca7793b1cdd926d4a63822006be54cb0085855af27bfa57ff792772828d3f20b4598036f3ab075d6a24cad456dc19f995d6ec5ccf5c26a22ca46ccf AUX openssl-1.0.0d-fbsd-amd64.patch 417 SHA256 c72d33d0ac88280fb444574f236fefd73db4b968d342b0fb4530cdffbe2fff5a SHA512 3f9805ce1b3e52e3c14c79104a76b42f94df677be2567b4d4f25fd1e964d60bac39fae4f4e0175583da5eeea012315d95d27656c8ad7613ad31e4f82f036c301 WHIRLPOOL 6b51beb8fd9874a0683136df7dd21bec72de85abd1e561397ecbdb2fb7633047738d2b9bb4cad2610b3788b9995ff40212383b7dd752074e9af5d671780b0ccc AUX openssl-1.0.0d-windres.patch 2890 SHA256 27664cfab4852f1a301c4020375eba029c8a1728d58829c831a36d3aa2fbe9f4 SHA512 32187d0a04c85118cc763ff1fe8c4635622294fe629b920c47e16408aa720fee2bcc42f97120f6750b59996878e0a3d249143d728a5b5775ec3a022f81bc230a WHIRLPOOL d5979143f7e637b0072f7d5f214d80f5cc0e53f54358781d7f10c0cdb15c2b52813e12d2aa07dde2b40e7a88fcb26d1d619443a8012530d90789609cf5ac4083 AUX openssl-1.0.0e-parallel-build.patch 9055 SHA256 dc7b14a29d4efc26bf14c5c37e9c3696448826a639ebf9c8485f9f2ddd7efc9b SHA512 1c34083ae3b4833792a0236a6fc73d14056aeb4f4ad086be42865f46dc81a15f017f76cc82c5e8d7cc296f6c7826fb060bf5388cba1653dc7d1fda78208513c5 WHIRLPOOL 5d31f5fdbddad7869912762bb39bcb0e93b0cfc81f3e3a5833f35517349662b9c59369524a05848fde92be600e8decc486219913a0ca3ea27761736cbee96ead -AUX openssl-1.0.0e-pkg-config.patch 1702 SHA256 f506d94ee240776e3f5d93ecdaa010539aa264ec4553b09fa8093074401fe98b SHA512 b28c4118a5157fded2c01a6a61891c69c2c511972ec1afccf1d124736446588838b3025c4a0e41c440aca1e784aa05161fca38e9b6e6f90746263b108b956ac2 WHIRLPOOL 86d32914a757d519b513bec0c0a7e1592775782f8ba5b9c85c8bb01612e6c700c40d5f22f2713e974e140e2841c5852b7391056709b9c353eb1a64df7087e080 AUX openssl-1.0.0e-x32.patch 4113 SHA256 e3c5118541d580d3cac2fe9f8af54059f81518b9bec0f07aaa1b77e03b85b1c9 SHA512 3e45360aea727f7835c192bc7f0271b0b8fc29c7262b6a96744c88aa56242044872fe170f64e48e0757b5d0a8b7650c786b2b3799bb353d3803253c42691dfaf WHIRLPOOL 1afe85e83041773fea3fbe7264f67d13e6ca0c821a64d3e78de694085cb2270b6f6bfa88c17c1fd5ec9ccc13c58355bca04b6652646b9a754636bdb07c1f8659 AUX openssl-1.0.0h-pkg-config.patch 1289 SHA256 542dea12747b1cb667707250e3eb3803cbdd396bd0d8e836e48a8018417dc1b8 SHA512 4d1f66dc8615cdf7c96719c8cc909c7d908089e91b0cfe2dd08ae7a332c525b5384e2eb8eb3922e89cbc035167f581eaa606ba826fca6253f16f89f66a9ef225 WHIRLPOOL cdd63a06205b0237ddef1f56df2accf29e5f43f886aed01f95711b49a3af07d87afd0953cb3c12c7e97d4a3392f7c691257dcb7ad3e97cc6fbf1cf399a8a6394 -AUX openssl-1.0.1-ipv6.patch 19237 SHA256 0fae6057881fb43e775cabafb6ff6af6cfaa40eebf64be26ff77a9d4b8bc6b2c SHA512 df55d28b6668ade3041e8d33cf7f98c5770d0b0935a6ba33468783eec6065dcf37ba8d59ba94ea1938afcf3377db176cb27ce417897194c64fc8a75a3f7f924e WHIRLPOOL 90a3cae043a44505ef73cfbc5d48a72309f8eb513789ab3209dac5471983452f10443cee07654867b12860b79840a6b24c5c3a8cd27cb5f3e031068eab196069 -AUX openssl-1.0.1-parallel-build.patch 9918 SHA256 bd56e5fe1b6fe594ab93f34d25fef0b7372633bad8532f81da998f3e6655d221 SHA512 7255b3315133e415631b2ecadc8f5c50a705b9db507c46efded0190363ce9eb31ffbfe01c500669c060878e5202f858b1d2475c64948426fbf70820b4c798ba1 WHIRLPOOL 8a8c71c3806db85d6c6b355717cb4aa1e421fa1777aa7dcd7ee817ac1e552d4b671cdd7cceef9aee1a7dc1b305eb722b1ba0219832c7a6c1b808a0c49212df05 +AUX openssl-1.0.1-parallel-build.patch 10614 SHA256 f3aa674880ffa53a891d3f9054a1ff162c4461b3ec160a365990275907636259 SHA512 439015b3b007adfbab047a1e3e12a9700030779a593bba1a30e9554c7c02eb1cffe9acb089546954e87163847cf86b13130abf9646eb5d00a2ff725b534f84d5 WHIRLPOOL 673f6f045765effb9ded607bf8116a81e7bfeee78ba0e8a34892081c272239a2b75fbb14f4c48b61d93593fac8e1b1e8bef7223f4cc64e8443e19c8f337ab6bc AUX openssl-1.0.1-x32.patch 3273 SHA256 a4f05b8757e225a05a9c5a3ea485159066760d878c9ee54c4eaf61760e33c6cf SHA512 6bed57fe2fbe2d0ced1279b53804d94426a679d5d6b80ad7d0ed18523a7fda397e02038032c08cdd4e6034f9ff6e82cad365ff2a724d49d91467cf2b77f47752 WHIRLPOOL 1366632e7dc1c6e54efc5b9791bf24833d20e7a61ca29aa38d31b5b9629febf926a29742e370b7cd6767c810c0a1676100ca9169f0d836dfd19ff0b2c29e49c1 -AUX openssl-1.0.1a-hmac-ia32cap.patch 1876 SHA256 798f883a1852ecf50fff5c7cd97b7b5162931fb5ba0f21ba0d3ca26e23c8e967 SHA512 4a13394757e9fdd3a7713cad75c464a33e17860529ee136f988c40e6ee5988483ed3307e5603a5a9ef336b2c94ca35e4707fb493138d79c36aa1c646df6cc81c WHIRLPOOL f04aaf4b0a7ad501d8f3a35e0219f7e7bf73851ba9b1b756e6a0791badf850dc04ffe69ce3fe99045a7a6c9672b10ec5447c5de21ba4bdd44b70bf8fd56372aa -DIST openssl-0.9.8u.tar.gz 3781776 SHA256 0548e4b9171a62dcbbe85e63d9b897a35de718e0fe19b3fe56002c8f5a3ba587 SHA512 5c5998a74b70fb0624086d22f2bc16b6114819deae13c777f93e1c3cf0c1efc6e7adad4a8b00a45c1a112596ac9ea07330356af02d86a82667bb216327cdde34 WHIRLPOOL c6059d0fa69fea76f645afaa0b9d40ea9c5cab310d1e522aaba5b7176dbe89136af74e70577e16e0926c824f646ee3c6902cdc0c87305fd7693a9e4b7e1f4585 -DIST openssl-0.9.8v.tar.gz 3782207 SHA256 701ac4dbd27b9237919b214b53bc0d08e5e1448f2d0fbe1c80479293d2379a65 SHA512 5e625c69b6176bbb4acd0c4b5751d694591156f672e79fecd72c2a7e782e27cb67f0bfe2aea662b2e81f2f4c71ce9805bb5b8da023b368f35952b052e04520f9 WHIRLPOOL 66ea39d7f67259bf17f614de17e76c4c01e910aece24a3f9b107c7f0119809c8b86e098e92639d7c94417e45bc80c670cc3838520743b5ccc632905d1140d66f -DIST openssl-0.9.8w.tar.gz 3782900 SHA256 537411fe2cfe249a8a5b98b3f809a07ed5f913b94a216b3c510fd353318e4593 SHA512 3d93c96ec5550ae6936b353aa48081b9d8a4adfbd5a51d58b44916961e56fb9aedd30621a99ca3618aa3c6b3e15f30a10457d98629ef6ee0c6cb5518606981ca WHIRLPOOL 0ebc673d02489be248b62f800a99d714b7751702fcb7050f40c2231b318aeb3c868cdd48abc9dcecd018139c30b6e23764d0525bafde17097699e9767a3534dd -DIST openssl-0.9.8x.tar.gz 3782486 SHA256 7ce0c7f2c451070b4497ea7ca6f23eba6cef1a56db2e86e433f65926a7bc7497 SHA512 195ba38e5a3ecb9ea65ed1c0dfd7a7c7c8d25683cb401a4c68880a58b0dc3f3002186381ab1ddac64cc441ecd86606aa14bb91ecfc0c56b31ba85015589afdb2 WHIRLPOOL c54f046600443e16dcb41ef1bbb8a803f701f3af4b2a2011419fb1528838f412dc003155a3fbf5e0d15c64c64c3368e628e145cfc90671a0c2b333ac3a4c2ff9 -DIST openssl-1.0.0h.tar.gz 4048067 SHA256 7e3dfc21aa57ed33ea673170053d1921322803b8a6a624a4f0d2e4c308bd418d SHA512 6a1129fa4c90ed67cdeec5578f72ee74ceb983877bbbac41b6ace4abcf4154d6b8217d11951296a1fdfade82c7b9e59e7994fca94e7eb78026b2980fec7be9c5 WHIRLPOOL edec087ef7bf3b6300c2b5870471eca793a0cba217f1ae728d808757749bdc1bdc193c21d86ecf9ba47ca4d0e6bebd1d6407654637226b6dece68b75b8295bc5 -DIST openssl-1.0.0i.tar.gz 4047721 SHA256 548262d15777c504be1ab9bb8fabef1e14a3de54837a6593c8f403dd843d5e57 SHA512 b35d64c038f913fcec8cdec5f8a801425dd4bafb1472548a8c13cbce2245aabfc0ca416e166ac6063d59375817f6560390079156db41b98a83db44307ac0cecb WHIRLPOOL a0854284830ec7e7e2c4418423d089f91a0f81bc7313dd1d1791b20d4b78bfc7543834baad2e8817a3809eb8db10079ee1e84f40ef5003ff9330ad49adf142b8 +AUX openssl-1.0.1e-bad-mac-aes-ni.patch 1220 SHA256 484fe928925965e98bb0fccc14d6a1e2469507e513a4257a1741e725e9fabf8d SHA512 0c3ad477cd4a8e61e6235eda23b5efbf15aef23f3a753f30c35ec170236d9d3a52d11736d25b9995dd60cf534382b9ad7bf36aa6a95aa9fbd12a3019176d04f2 WHIRLPOOL 1e40dd340dc06e1d13447a72dcc6e6acaaab3270b118e37699bccab05ac6f47d196239bdec6be24182e46d57f2f5e3f927e64bb7346e6d4aa19b28155c2918c6 +AUX openssl-1.0.1e-ipv6.patch 18596 SHA256 430d15f2f62c2d7b9bbb968d3c1d3cea51c97d549e01683fd6befb20e2b60946 SHA512 15bfcafc8c173d2875954a43db19d15956619528a0fc356b6d36877f7434321071cf707d950767491261adc1e6403e56b3e014e3d0ffb6cef563daca00a128bd WHIRLPOOL d1dd63d00b166efb1ca9e5d8da931a47e571f5784e3b47780355553b4d0cf656885375e3fe7fc1554b6c5eb749371efeb370c7462e4fcc52c0dd85c6e2318ad8 +AUX openssl-1.0.1e-perl-5.18.patch 8211 SHA256 0d2263de7cd1e814cf7583a738d7c439dadb6f195793a29356186b336edc5a98 SHA512 4b56cae218af916c5d7f1006f0a17e34eebc6ee9fb08789db0b18b7e0d6ca7ea0b297efdc712f8951b4db55d15dffea33faa939d2daa42db6be61670e43f0412 WHIRLPOOL 78ced5c41dba502f93f92322516ac8774ff73ce236c7cf793f7e502822c8b0c288f2ed4360d89d2ff2bfaf969f6bd0cc12b28151eda0217197c60bf6a561d8cf +AUX openssl-1.0.1e-rdrand-explicit.patch 936 SHA256 0eb50c82edb24c0ff4b5b2e6c41e4d11e9288b33dca05dd2b5fd613c0bc5b815 SHA512 2b4744dcd200d42a90c7640e3b5d16fa215e042ed4ae675504c20788fdd591cc866313d65be4e72e8992961d2e46f1945b006f4449710e23660c1ef666f17fdd WHIRLPOOL 0257c7919dbb6e82c52d5cd6f3cf909fda64782a1025b1a4f964acb42bd00c0a11b009a9b968250afbd44ccd9578949bb6e73f04d6238514d1b84673602fde87 +AUX openssl-1.0.1e-s_client-verify.patch 592 SHA256 6f540fce663eefbe68cee16ad7d8d561d6c898eeb4180c2f4a4caa7e43c6d0c9 SHA512 117b1017e1259667078d3ccdcd9fd46357c6f85cf2702794f49c612b37acdc044fe88f871dbe46fcad9ed4cd8aaaaee800dddb5286203322802efd7549a43b68 WHIRLPOOL 70a4cc36b1dcb24d7e9bcef016684fb2394977f7f20aa332ebd0aa15e3f4c16c74563d2fc0ba8d70669f6cc9a13bf8a30cdb28ebafe2d102cd2859a4e32c38d7 +AUX openssl-1.0.1e-tls-ver-crash.patch 1210 SHA256 720ea2617ad5ba4ab8e16da3fd42858d2daf35a39377c649f408e13012a57e37 SHA512 c0a33d1e7d91d54b4dee2a9392cc1ca31b9038b168eeb471e58620c8e6bf2b86d6bdc6b83a96d47717bb703beee79261a73f607521d3f76d1bfa4563e2db0a3c WHIRLPOOL 758d6877bc6181c1dd354d6737a998e3bd77627789e6f184f1958836f084cbd64b4c6427410fa51f120b5d1b56dc4378180ef90d5b91992629f36917081eb5d1 +AUX openssl-1.0.1f-perl-5.18.patch 7820 SHA256 e45c6856ef35b16e150282afa59432e783943e6aee62394f8a0e79ccd469fd84 SHA512 2fcda9f76968e8a193892170b2acc06b246c5a04bda2c501fa223231af0e4b2a38afd1adaf83cce4afd4210cdfd9cae8251aeb9510f24bcb50e7aeaa9fa09364 WHIRLPOOL 38768056d2bc4cd719c88038d201f765420a7d47b5dbd73b6d86347e59b4a1fc62f5f27d6c576fb73184fcfe26917446753d871db22aeac2a205f0bd18d2bbc3 +AUX openssl-1.0.1f-revert-alpha-perl-generation.patch 3029 SHA256 3b4b3e40f70330219a139d8562ed5ebc171c5e7ebf1ab2b29e295ccf435fb6eb SHA512 77f45b12211cb790ae362bed9417590f87a1749d6300dde408f00590ed86e7b05d05909f0a2356e5c64711319d2f8759ad452eaccc0f64c7578916b31462251f WHIRLPOOL a2140b00e69b2dc74d290db0c2d12d3d5e5ca7452710c3f3b2fdde8a06aa0f398212bd263d9a37cfea3df407aa1d26a996b852183955ca5eb4e8c061ca8cb68c +DIST openssl-0.9.8y.tar.gz 3785001 SHA256 bbecf13495e612936e3a9860c29c0701413564b7a964bf771a3575eaa867cee3 SHA512 cdc05067343d6b06a0d0278e90abcea9bf58439c98279ce0ce22673bf6f4a6597babcb276635c3b15cf04ec76cf53320236f5b6bbc46544a61280825f5b7b3cc WHIRLPOOL c8c9cb00f303c2d95a1d2000c74bb146fb069da9471093bf7a2c00db2a5955c2d63908b3314eb9cd12ea1e80c3bac143d3774bc27515f2ab03c5ef4d88b61612 DIST openssl-1.0.0j.tar.gz 4047852 SHA256 626fb8fcb3eb7e966edbe71553ff993d137f6e8a87b05051a3695e621098b8af SHA512 9796c75b4d5de57928708f5f0a8ca01aff5b4974b60006454657ed54c34998bc54d747af03860d319db7e7a57b0cd3c267758ffaac31be2be045c977d5fc33d4 WHIRLPOOL 239f051930d9562e7266edd69cf3a1060d381a95228fd17813dd2dbf469c2cf066786b277c2fd56973b830a6b43f28934f5f15d3b6dfac8f37a6e6a65fcae455 -DIST openssl-1.0.1a.tar.gz 4456456 SHA256 d3487e09d891c772cf946273a3bb0ca47479e7941be6d822274320e7cfcc361b SHA512 ceebecbe60201ebb2c600f97e4e0ed38638789189dc2fae85997d5903eda7884ad6190e21b75c453c28ab36ab9262c30f2732945e78bcecc3090542dd4dafd02 WHIRLPOOL 8448ef79710410a2f2b8a7b7b80798c032273d39a3c3f5c1389a1c45a24dd63a3a5a6ce8902a6d0669f0f2643cd5321e969417d01e5194283a159d1773896a50 -DIST openssl-1.0.1b.tar.gz 4456651 SHA256 1187bf2d5cdf0b286b951bf5c777aa97855cd7db24fdb9604cb557c8b1d7364b SHA512 d0cfec093b1a27a14ee6d6dc5da0c19c14b77edf8ba558e909be7cf8c5e29023061ed7ac3c54ffe08ea0c21bb859781c63257e26423a66a117c5887bc65051d2 WHIRLPOOL 552d99cdecba10f208933d5fd2055125769c67576af76c8a50f0d33a4d64cc3165913cddcf5e9a1bed0dec51efbd055beaa8bfdcb079fb8337b22534da741540 -DIST openssl-1.0.1c.tar.gz 4457113 SHA256 2a9eb3cd4e8b114eb9179c0d3884d61658e7d8e8bf4984798a5f5bd48e325ebe SHA512 14f766daab0828a2f07c65d6da8469a4a5a2b839ff3da188538c4e2db3e3e2f37217fb37e269617fb438463b75fb77dab0b155f36831ff48edbc9e7f2903ebd3 WHIRLPOOL 15f90cd981ed82cb1891a2e4179a15882f34aa0ecfff7e6a4fa435b9ea021168228504e7cd9e201c8ada1207942784558f2696f5d45293fa876cf143d8826bf7 +DIST openssl-1.0.1e.tar.gz 4459777 SHA256 f74f15e8c8ff11aa3d5bb5f276d202ec18d7246e95f961db76054199c69c1ae3 SHA512 c76857e439431b2ef6f2aa123997e53f82b9c3c964d4d765d7cc6c0c20b37a21adf578f9b759b2b65ae3925454c432a01b7de0cd320ece7181dc292e00d3244e WHIRLPOOL e85cca98d9525935977bab00a1309682c0571973a1472cdd75ea1c96a1b12d8b86d1b51a501bc24a6fdbf3257b047a569b5d24d6164a903af689b01d46a7e428 +DIST openssl-1.0.1f.tar.gz 4509212 SHA256 6cc2a80b17d64de6b7bac985745fdaba971d54ffd7d38d3556f998d7c0c9cb5a SHA512 8a50892ce0c32707486e248b273631c38e9743371f28f96b635a9e61dac31919e5cf00690d0926c1f425c718cb56c4fe18a87c6e679e0543ad453e42f7a811ef WHIRLPOOL 4489061d7348a53ed23fd01fbaf36b701c5a17968a4811cf0289aa8604752b1e3b3f4ed53ac629db3948d58fab1d9e0efdae5f6cde39a78828dd8b220fdb3900 DIST openssl-c_rehash.sh.1.7 4167 SHA256 4999ee79892f52bd6a4a7baba9fac62262454d573bbffd72685d3aae9e48cee0 SHA512 55e8c2e827750a4f375cb83c86bfe2d166c01ffa5d7e9b16657b72b38b747c8985dd2c98f854c911dfbbee2ff3e92aff39fdf089d979b2e3534b7685ee8b80da WHIRLPOOL c88f06a3b8651f76b6289552cccceb64e13f6697c5f0ce3ff114c781ce1c218912b8ee308af9d087cd76a9600fdacda1953175bff07d7d3eb21b0c0b7f4f1ce1 -EBUILD openssl-0.9.8u.ebuild 4327 SHA256 700495983027e6aa69cc801f245e35697fb57336fe33d4b165a884a0f1d8743a SHA512 911484ed40414e5528eb8f2f3899adf8c3c01a45574a6f21318a4abc15c2ee5217b54727bb5aa36ba76102d24772954a591a30f38dd65d3ad1b8164a5b93be8f WHIRLPOOL f70f7e47063803b85303a1b49e4c581d7802330c824ec8694109d284e4517be6c7afd960d585c921b7a89c8d1def2d66c60f3c6aa3fd89934e8216141e10f815 -EBUILD openssl-0.9.8v.ebuild 4328 SHA256 6feb0c64fb55a702b77cee8ef7fb549ec48af9b8c6d513a3238cb66d9fe02548 SHA512 047322f69df93f9d0c800bac10eb2069665bae00acba726f85a6c6446659dd2123148e612a41cd38dee756946e61b1897a1e3d38f991c894e8b343bc1dbed34c WHIRLPOOL 1eedc542e7b94ba7d8095c458ca939671bf2c04ccc24d6bc76bb96a0dafa93aa0864d991e55a59d65393f277176f9613092911cc0f3b31396539e3639fb33ba4 -EBUILD openssl-0.9.8w.ebuild 4329 SHA256 d41ca4ed1e7178ec41b08e9948a5793aaa777effe7c3c1d550637f3f3adac1ff SHA512 1463ef8ceb393f23492b67c6b2c6ffdc9727f733640e56050fe4fbfa2450826d94dfaad655bcf0f2b820722aa89c912d898f34ff70a0f1fcd5d26d2ef80c9f37 WHIRLPOOL 5853809b2c4f7891e026147a37b0ed54556d7b55ba5814a1565d094d4757d470eb460a169818ac6d40fc57adc47d63a583bd7c8801ea959dfa0cfc0a8365d973 -EBUILD openssl-0.9.8x.ebuild 4329 SHA256 4d95e8d5a1c566e645d7c8b0be86487114a9b2ef48373b778995a7116e9847da SHA512 cd33d7432234aa0c4fc35fb44e2b0fb06df0bde54641a886027fec17ab7b3cce35441f5599260cb556ba00ced08be7f65925ab2dd4d286c6ae630bdc52c3c5c9 WHIRLPOOL 0dbf0f044ae876bb2109773556efea36d412e5e9c5d4e43aa5c6d636a4e2c405a8754d86d9eb5ac103d360ef69befea33788f835e72e5ec3ec853ca4ad4c06b1 -EBUILD openssl-1.0.0h.ebuild 7045 SHA256 b22ebc6290b9619c741e893c26045b2ee41135b8b5ff0c3823912f8ca78ce9a6 SHA512 2e2e61dccd7aac6fe910df1f74a9e0e8b59888bb5d9f6467496e84d63a517803b76b8f5f563556e129d10c0f4dabc6db53e1db44e5a422ec14a5327dfc804cde WHIRLPOOL e105ca19416bcbb76fbac93d30180e3e9223e67ab9673c50e6719866bce334c56d574b7d19329c49ac9bcb3951bd84fffacd41d91f534ab08f6c3d7ceec808e0 -EBUILD openssl-1.0.0i.ebuild 7045 SHA256 a47a7cb0c489642191aca5c515b0cb7c9732c1b5efc4ddfed7cf73d4627b3a95 SHA512 e02849ee3957b40fc471f8111f7530becb40f965de8075a12ccbb68edc8e41e8c9d07cab671c52800f2091da095c4fad86addda279a65603a676dfc9eb9d3b7e WHIRLPOOL 0b3debf0e531ef1ea29548c3f6f4b5d5f8c774ee4d68e49843bb9f68702c662f4cbf3c1a22b44bedaca0e1cf6ef8103c1777444bdf4833896af65a8d89d23e17 -EBUILD openssl-1.0.0j.ebuild 7045 SHA256 ea3c127fec343b813a517ecc2b6eee6183c8094fdb575ff9fc015783ee3e39cb SHA512 5a501172d4690f71a109ec4efa4166b8c979efd56b36cfb0c9d46e0333b3c3863ebe755512bca87c543f82469daeda601b2a3f4247f924c2905707c7bb383930 WHIRLPOOL 3db8a0e930df8e605da735ccd25ef31b59ea81e0a3839e09cbe927ac88db8d53b263482f673afe8fd10009c8f2b615c3ff5e501ca97f563051223d070835406b -EBUILD openssl-1.0.1a.ebuild 7364 SHA256 8f4b3486fb8e73dcf54469228c089b185444a449796b8651d54d0c45c5ca4e57 SHA512 0ee731d20639b8464330e1be1e130a28dd55ddbdbce4264c16645eb4c9f4d53805a0a97c614add73eab44714a64f8a4db15cfdd90117a48eac8b8bafba464547 WHIRLPOOL 330865f112a84360bc8f14cc5119bc378f126fea2cd7e4a2892fface434d7eeb6a30cee5e798ebd185ec946bf27ead502806b6d5dad7e48f8d43e4c63ebef1eb -EBUILD openssl-1.0.1b.ebuild 7317 SHA256 e06c044e6493d34ab718b10f75c0c4f119dac3bb2989c1bf97b70e14f1131b12 SHA512 eaca2832c9dfb8955a7bb97025fb97a44739c0308283a9dfcd270daccd1b973ac5125f1f1dbf1bece138a0b0f08d2900f7e710f173f89346874251566f3e103b WHIRLPOOL 28fe59a0e846600d1e69d7d505d862f14d5630af3b341cb758bee993466146867a5c7c245711ece96a2b391cd0bf608703986e919447aa299b985571fb3e3ab8 -EBUILD openssl-1.0.1c.ebuild 7308 SHA256 a22c0324c4d1a53b4d5f81f2a4789da6e4c7e34b355cbb1f651b5f2fb975fcd6 SHA512 72129a888e05270a5efbc17e7c901d4fae94ecb0609cffc5d6d528a9be5b57a0a033bab7a71ab076f367a9a5ba8ba2c634434a9f7a9d41bbd3f319138f6ed2dc WHIRLPOOL 4075cde512b87351de65acf1944981727e6195676b61c31d9989752981ef869c6ab2ceb3b0443339b257b3fc647c38be6316b2b3b7d13106b6b3a372544db250 -MISC ChangeLog 70374 SHA256 74ec4fcdd2029fa4a3d54e7b44f5d595c525ab2e60dae7ab6b0bac1fc3a7122a SHA512 999916c9ebcfe10eeddc7ae2a780d81c69ae32f6ce2ec228c863d8e7f063b5db0e91e8c48553d2df56e27ad055925aa11dae74892023acc4a6b307192f6dde3f WHIRLPOOL e602d235f0cc7af6d4e068009a7a575427b425e144bc9192f38c32870c3ef6516584843fe4e07f98b59d3b4bbc204d02d45160a0e132457d51c175e4cf58813c -MISC metadata.xml 374 SHA256 ce29618473c02511695f6767087277e246b2d252ef6e662dbc65e9df44722f5b SHA512 af8240564be62abad18e8f928694ac2836fc445ae186d5ac3b11dae060e5088dbcbbcac625fffe888de1df0e75934cf1484e54c113c00a25a55d57c39563d430 WHIRLPOOL 197464700dbd530c26a50055e98c1008cd1fd6f4f34ba2e9b4070fca6b87201599c3187b5e4689b6360a1311f1de6b96ae6a0050eb9677c648d8eaf28b0880b9 +EBUILD openssl-0.9.8y.ebuild 4424 SHA256 4250c4201a33cebac72954b5068a335d64ec03b03d4a9c787c90c453c23563f9 SHA512 cb59ccff8f59237b33de7db976201b260f5a28a841bcdf59245261a3d74f05c03fc5c4ff4c49e42c38f29533bfa80c6a753448ae9c3e47842223fe12d8f65fce WHIRLPOOL 5c8c490b9094ef6a1c93275dc39f97e61ae021d2cbbfce362f7deb92f844ced318254b1aa2197230dd42b5874602d5c1d43393547642907cf7c6e00244c05d33 +EBUILD openssl-1.0.0j.ebuild 7035 SHA256 8b8cf5082b7eb04abc02fe452a006dad3b2460f65b016f1a1292af79bfef9980 SHA512 e4a4adfa8fda5d514e35f67e55ee50784ae785598b5889cb5d135bb5805b42c77e42246965cfbb4168bf0c6963961dc7e418f979d26574639e8b30730bb2ddea WHIRLPOOL ad2a6e1fcd89e528acce6c0d5a19bfcc82201776bbddb00154fb915792bde6458054d6352abdfa3e1fd17d2f1409de94f9ae6596c25b9e4d87e212901817da99 +EBUILD openssl-1.0.1e-r1.ebuild 8051 SHA256 fc2279e7acad38d658e006d0b6f91a4754927e73266bf19b4e3af6c5b022769e SHA512 39d7f2f233329f2233e27a503fc3b8e1ddc26cb16d196842540bc5f1336272c85d5d2f33445829f68f0e6f7f5bf332bd18637b1ed21e7faa3082493de1ce66f5 WHIRLPOOL c39ea92f3addc5d1de5647be44db7dc88a68f2880633a3601036753792b38727bdd17f52bc3eb2ab8c7ce3f5edfa95a3f40a419cf58abb4bc9128ef1c63f9a80 +EBUILD openssl-1.0.1e-r2.ebuild 8170 SHA256 364b19958f6426e429159dc6de1b59b955f382ad3e85d01235b9835ecee229de SHA512 1fef3a928f7874d868acfe6568fc090b41a288ce05002674d8feefa009b6ff4ad58d9f2db57f3aa45469cabd8fa179375d11b20794f5a0ef85ea7f218a409e66 WHIRLPOOL 28955035911b5867d4daef173de080915a77eee055682e6ac18655e97afca77bdfcfaecdeab4ce02cf97320e6059067eb612f505243d30b79e4b82ae5cb0420c +EBUILD openssl-1.0.1e-r3.ebuild 8276 SHA256 c1d6a6b365db046e8f46d56b09ce9c13351255b036bf4a76ab59772cc8a61a96 SHA512 f96d07e92fc9251cf0687922a76af5c535bdd7bc9ff9035dddc3b70030101dcd81e29d3ad3cb9e45b4981f69932eccabdfa3d83d7b4563f40f65018fb03d5a4c WHIRLPOOL 6e5b9ff9fc09508ec61375031b0bc01148e05ee74496676c86dc60ebc9c30e9391abb5392b5cd574b58bad57c0ce7b1750c26f0f4884ab90d95d55d15fd2d1d9 +EBUILD openssl-1.0.1e.ebuild 7260 SHA256 12cdd7dd88ade561157275f48f1f029b3320a215f503b1ef50704875e98d5635 SHA512 655544f450d0b3306cbbb3e70237e234120386705019ddc03986455591cfa85bcadc4cdb72c0319d6a368e38164956ef1e9027b602d081dab096234b32105e15 WHIRLPOOL 9173764576e15d5351f140bb6d67e47a08f577a818c4d434c5c15d9dec321a512e6f4e7483fa5e5ebee66541313506f4745b4c636392bce7e21455ba7a3bad5e +EBUILD openssl-1.0.1f.ebuild 8181 SHA256 444e562daa1950bfbd9c76bb75922ed2ed6bba5fdc229c7b08cf80d370326e1e SHA512 34ebc04c3ea1efade80fa229c9a5e15bfd93c4462d893d410387948ab9760566cc9d84e6414dff96c6d970c85598bac024308e5e0799e0b3b312eefccb579649 WHIRLPOOL d931b949e9cd459eac7d4fb5f32a0c43a00d8083783a393dc4f845e2648f2ff5097a72db5ea450b1f6806336f128776df137af4887ff40d3c29a4b41b360a2ca +MISC ChangeLog 77738 SHA256 ec9b5e0f6b368b1fa2dfdba47c17fa3ef682882c144dc6994ee4c1d8286dd292 SHA512 f98b38834e94dacc6c0db25ac54e64497b3c2a47862a0121537d44935f36b1f4d6aaa2cf08c9aee6fa8a3dba152ad69ebcf5251423797333c945d25e4a2d2830 WHIRLPOOL a4041968d7c06cb2eeb3e0d92f15d6f306d877d39a5010073d591be3b2a5aefb7a0e37810f196085563bd39616d3192e81cabb1b408caf00d695159bdcbdb0a4 +MISC metadata.xml 537 SHA256 dfb61bab6de1d7e943f92be14ed54fb9275d568a11d6ba29e395f23f547603ee SHA512 0417c438c7f9586c7bbe7694707fec94f2ecf6fb59e36bc87d707fab0b24346a6c9fac5e58c69302e767cd8a7e50a508cdb2430b2cdf8fcc88921286e09756e1 WHIRLPOOL 0f21bab1258c7ee675c27cb7d78a90985437dc8d001a232661657549cebd9f2f26802686435bdd3a1346c5a0ff14bfffa740d6ded2288dc211ad0183f5b3f686 +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.22 (GNU/Linux) + +iQIcBAEBCAAGBQJS5PimAAoJELp701BxlEWfKWoQAIf0aYS6Ok4lAz4Cbm+MwaEY +URqfYk8Em5aNtjMW72Vnns2a2X0jbaZSlQ9lCF64M5M5vA1gpkCmKdUV1fvtWlli +NtAaH2Rf3D9z2iAxMGkWpe10Lsq0GK0MOC5hosyX0HsCuqxvbUj6sH3Kqtku+Kfe +QIMymUOHNR17J5Bb4sdMTr/3DoTGRyWS8SGhKm//CeaGxKyJfbOew+RHiBG5t/GB ++OCRZAPfwzDBEJXFjNPkh5W/jV+b8o/N+CNFcybpinPqNa4Hlk6A5phSPdgKL94n +54/Ev3YVwAIUQ4D2Tl0zvIGZmid/bGzmLL+JiEkhPoyTFGj9pNHdH39ufOTMxXCK +2yK9Ew7BxmmlGVJZK8Z2yI3pJJJLYGQmLKu2VNN4p10o2NEYaj6varCS9B396+Kp +Zc76QtlqfTNa1wKQ6Ps3asi/aouwwro06tUp3yr1/WN9DNzV1SNFvP7JlC3INaoL +a3GwUIA8UJbz8uxh8ZHz60QA/stRL6N3oPcIGd+BzX58ahAvhUm8lnmZvBF9AtjE +MD641OT/js5Rkzx93mZYZdM4IEYT2UR4MqrqJ9Yk6AsBPd65/qVWMm9Vq9m09YsN +rSPcw0cvPbjXfT50l6S+QMOFfxA01i6xOLrDZCyAOU0XhxMR5lDhNRz2/fpkZoHW +5FtFH4wTTc7AgF91noZr +=H9rM +-----END PGP SIGNATURE----- diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/gentoo.config-0.9.8 b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/gentoo.config-0.9.8 old mode 100644 new mode 100755 diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/gentoo.config-1.0.1 b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/gentoo.config-1.0.1 new file mode 100755 index 0000000000..4d184936c0 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/gentoo.config-1.0.1 @@ -0,0 +1,164 @@ +#!/usr/bin/env bash +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/files/gentoo.config-1.0.1,v 1.2 2014/01/17 04:27:03 vapier Exp $ +# +# Openssl doesn't play along nicely with cross-compiling +# like autotools based projects, so let's teach it new tricks. +# +# Review the bundled 'config' script to see why kind of targets +# we can pass to the 'Configure' script. + + +# Testing routines +if [[ $1 == "test" ]] ; then + for c in \ + "arm-gentoo-linux-uclibc |linux-generic32 -DL_ENDIAN" \ + "armv5b-linux-gnu |linux-armv4 -DB_ENDIAN" \ + "x86_64-pc-linux-gnu |linux-x86_64" \ + "alpha-linux-gnu |linux-alpha-gcc" \ + "alphaev56-unknown-linux-gnu |linux-alpha+bwx-gcc" \ + "i686-pc-linux-gnu |linux-elf" \ + "whatever-gentoo-freebsdX.Y |BSD-generic32" \ + "i686-gentoo-freebsdX.Y |BSD-x86-elf" \ + "sparc64-alpha-freebsdX.Y |BSD-sparc64" \ + "ia64-gentoo-freebsd5.99234 |BSD-ia64" \ + "x86_64-gentoo-freebsdX.Y |BSD-x86_64" \ + "hppa64-aldsF-linux-gnu5.3 |linux-generic32 -DB_ENDIAN" \ + "powerpc-gentOO-linux-uclibc |linux-ppc" \ + "powerpc64-unk-linux-gnu |linux-ppc64" \ + "x86_64-apple-darwinX |darwin64-x86_64-cc" \ + "powerpc64-apple-darwinX |darwin64-ppc-cc" \ + "i686-apple-darwinX |darwin-i386-cc" \ + "i386-apple-darwinX |darwin-i386-cc" \ + "powerpc-apple-darwinX |darwin-ppc-cc" \ + "i586-pc-winnt |winnt-parity" \ + "s390-ibm-linux-gnu |linux-generic32 -DB_ENDIAN" \ + "s390x-linux-gnu |linux64-s390x" \ + ;do + CHOST=${c/|*} + ret_want=${c/*|} + ret_got=$(CHOST=${CHOST} "$0") + + if [[ ${ret_want} == "${ret_got}" ]] ; then + echo "PASS: ${CHOST}" + else + echo "FAIL: ${CHOST}" + echo -e "\twanted: ${ret_want}" + echo -e "\twe got: ${ret_got}" + fi + done + exit 0 +fi +[[ -z ${CHOST} && -n $1 ]] && CHOST=$1 + + +# Detect the operating system +case ${CHOST} in + *-aix*) system="aix";; + *-darwin*) system="darwin";; + *-freebsd*) system="BSD";; + *-hpux*) system="hpux";; + *-linux*) system="linux";; + *-solaris*) system="solaris";; + *-winnt*) system="winnt";; + x86_64-*-mingw*) system="mingw64";; + *mingw*) system="mingw";; + *) exit 0;; +esac + + +# Compiler munging +compiler="gcc" +if [[ ${CC} == "ccc" ]] ; then + compiler=${CC} +fi + + +# Detect target arch +machine="" +chost_machine=${CHOST%%-*} +case ${system} in +linux) + case ${chost_machine}:${ABI} in + aarch64*be) machine="generic64 -DB_ENDIAN";; + aarch64*) machine="generic64 -DL_ENDIAN";; + alphaev56*|\ + alphaev[678]*)machine=alpha+bwx-${compiler};; + alpha*) machine=alpha-${compiler};; + armv[4-9]*b*) machine="armv4 -DB_ENDIAN";; + armv[4-9]*) machine="armv4 -DL_ENDIAN";; + arm*b*) machine="generic32 -DB_ENDIAN";; + arm*) machine="generic32 -DL_ENDIAN";; + avr*) machine="generic32 -DL_ENDIAN";; + bfin*) machine="generic32 -DL_ENDIAN";; + # hppa64*) machine=parisc64;; + hppa*) machine="generic32 -DB_ENDIAN";; + i[0-9]86*|\ + x86_64*:x86) machine=elf;; + ia64*) machine=ia64;; + m68*) machine="generic32 -DB_ENDIAN";; + mips*el*) machine="generic32 -DL_ENDIAN";; + mips*) machine="generic32 -DB_ENDIAN";; + powerpc64*le) machine="generic64 -DL_ENDIAN";; + powerpc64*) machine=ppc64;; + powerpc*le) machine="generic32 -DL_ENDIAN";; + powerpc*) machine=ppc;; + # sh64*) machine=elf;; + sh*b*) machine="generic32 -DB_ENDIAN";; + sh*) machine="generic32 -DL_ENDIAN";; + sparc*v7*) machine="generic32 -DB_ENDIAN";; + sparc64*) machine=sparcv9;; + sparc*) machine=sparcv8;; + s390x*) machine=s390x system=linux64;; + s390*) machine="generic32 -DB_ENDIAN";; + x86_64*:x32) machine=x32;; + x86_64*) machine=x86_64;; + esac + ;; +BSD) + case ${chost_machine} in + alpha*) machine=generic64;; + i[6-9]86*) machine=x86-elf;; + ia64*) machine=ia64;; + sparc64*) machine=sparc64;; + x86_64*) machine=x86_64;; + *) machine=generic32;; + esac + ;; +aix) + machine=${compiler} + ;; +darwin) + case ${chost_machine} in + powerpc64) machine=ppc-cc; system=${system}64;; + powerpc) machine=ppc-cc;; + i?86*) machine=i386-cc;; + x86_64) machine=x86_64-cc; system=${system}64;; + esac + ;; +hpux) + case ${chost_machine} in + ia64) machine=ia64-${compiler} ;; + esac + ;; +solaris) + case ${chost_machine} in + i386) machine=x86-${compiler} ;; + x86_64*) machine=x86_64-${compiler}; system=${system}64;; + sparcv9*) machine=sparcv9-${compiler}; system=${system}64;; + sparc*) machine=sparcv8-${compiler};; + esac + ;; +winnt) + machine=parity + ;; +mingw*) + # special case ... no xxx-yyy style name + echo ${system} + ;; +esac + + +# If we have something, show it +[[ -n ${machine} ]] && echo ${system}-${machine} diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.0d-alpha-fix-unalign.patch b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.0d-alpha-fix-unalign.patch deleted file mode 100644 index c8fe3301fb..0000000000 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.0d-alpha-fix-unalign.patch +++ /dev/null @@ -1,59 +0,0 @@ -fix unaligned access in alpha specific 'OPENSSL_cleanse' function - -Debugged with the following simple program: - // gcc cleanse_test.c -o ct -lcrypto - #include - int main(void) - { - char buffer [128]; - int off; - int sz; - for (off = 0; off < sizeof (buffer); ++off) - for (sz = 0; sz < sizeof (buffer) - off; ++sz) - OPENSSL_cleanse (buffer + off, sz); - return 0; - } - $ prctl --unaligned=signal ./cleanse_test - Bus error - -https://bugs.gentoo.org/show_bug.cgi?id=371561 -http://cvs.openssl.org/chngview?cn=21233 -Reported by Tobias Klausmann -Fixed by Andy Polyakov -diff --git a/crypto/alphacpuid.pl b/crypto/alphacpuid.pl -index 11f2e30..5b0e21b 100644 ---- a/crypto/alphacpuid.pl -+++ b/crypto/alphacpuid.pl -@@ -99,19 +99,19 @@ OPENSSL_cleanse: - beq $0,.Laligned - - .Little: -+ subq $0,8,$0 - ldq_u $1,0($16) - mov $16,$2 - .Lalign: - mskbl $1,$16,$1 - lda $16,1($16) - subq $17,1,$17 -- subq $0,1,$0 -+ addq $0,1,$0 - beq $17,.Lout - bne $0,.Lalign - .Lout: stq_u $1,0($2) - beq $17,.Ldone - bic $17,7,$at -- mov $17,$0 - beq $at,.Little - - .Laligned: -@@ -120,9 +120,7 @@ OPENSSL_cleanse: - lda $16,8($16) - bic $17,7,$at - bne $at,.Laligned -- beq $17,.Ldone -- mov $17,$0 -- br .Little -+ bne $17,.Little - .Ldone: ret ($26) - .end OPENSSL_cleanse - ___ diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.0d-alpha-typo.patch b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.0d-alpha-typo.patch deleted file mode 100644 index 1d5496daed..0000000000 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.0d-alpha-typo.patch +++ /dev/null @@ -1,13 +0,0 @@ -http://bugs.gentoo.org/364699 - ---- crypto/bn/asm/alpha-mont.pl -+++ crypto/bn/asm/alpha-mont.pl -@@ -41,7 +41,7 @@ $j="s4"; - $m1="s5"; - - $code=<<___; --#indef __linux__ -+#ifdef __linux__ - #include - #else - #include diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.0e-pkg-config.patch b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.0e-pkg-config.patch deleted file mode 100644 index fcf286c2ec..0000000000 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.0e-pkg-config.patch +++ /dev/null @@ -1,42 +0,0 @@ -move internal libraries to ".private" fields so that the default ---libs output matches only what we need - ---- a/Makefile.org -+++ b/Makefile.org -@@ -325,7 +325,8 @@ libcrypto.pc: Makefile - echo 'Description: OpenSSL cryptography library'; \ - echo 'Version: '$(VERSION); \ - echo 'Requires: '; \ -- echo 'Libs: -L$${libdir} -lcrypto $(EX_LIBS)'; \ -+ echo 'Libs: -L$${libdir} -lcrypto'; \ -+ echo 'Libs.private: $(EX_LIBS)'; \ - echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc - - libssl.pc: Makefile -@@ -334,11 +335,12 @@ libssl.pc: Makefile - echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \ - echo 'includedir=$${prefix}/include'; \ - echo ''; \ -- echo 'Name: OpenSSL'; \ -+ echo 'Name: OpenSSL-libssl'; \ - echo 'Description: Secure Sockets Layer and cryptography libraries'; \ - echo 'Version: '$(VERSION); \ -- echo 'Requires: '; \ -- echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \ -+ echo 'Requires.private: libcrypto'; \ -+ echo 'Libs: -L$${libdir} -lssl'; \ -+ echo 'Libs.private: $(EX_LIBS)'; \ - echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc - - openssl.pc: Makefile -@@ -350,9 +352,7 @@ openssl.pc: Makefile - echo 'Name: OpenSSL'; \ - echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \ - echo 'Version: '$(VERSION); \ -- echo 'Requires: '; \ -- echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \ -- echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc -+ echo 'Requires: libssl libcrypto' ) > openssl.pc - - Makefile: Makefile.org Configure config - @echo "Makefile is older than Makefile.org, Configure or config." diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1-parallel-build.patch b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1-parallel-build.patch index 7c804b5432..19f859abb2 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1-parallel-build.patch +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1-parallel-build.patch @@ -335,3 +335,20 @@ http://rt.openssl.org/Ticket/Display.html?id=2084 # DO NOT DELETE THIS LINE -- make depend depends on it. +--- a/crypto/objects/Makefile ++++ b/crypto/objects/Makefile +@@ -44,11 +44,11 @@ obj_dat.h: obj_dat.pl obj_mac.h + # objects.pl both reads and writes obj_mac.num + obj_mac.h: objects.pl objects.txt obj_mac.num + $(PERL) objects.pl objects.txt obj_mac.num obj_mac.h +- @sleep 1; touch obj_mac.h; sleep 1 + +-obj_xref.h: objxref.pl obj_xref.txt obj_mac.num ++# This doesn't really need obj_mac.h, but since that rule reads & writes ++# obj_mac.num, we can't run in parallel with it. ++obj_xref.h: objxref.pl obj_xref.txt obj_mac.num obj_mac.h + $(PERL) objxref.pl obj_mac.num obj_xref.txt > obj_xref.h +- @sleep 1; touch obj_xref.h; sleep 1 + + files: + $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1a-hmac-ia32cap.patch b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1a-hmac-ia32cap.patch deleted file mode 100644 index 4e0ed86a99..0000000000 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1a-hmac-ia32cap.patch +++ /dev/null @@ -1,52 +0,0 @@ -http://cvs.openssl.org/chngview?cn=22455 - -fix from upstream for building on non-x86 arches - -e_rc4_hmac_md5.c: last commit was inappropriate for non-x86[_64] platforms [from HEAD]. PR: 2792 - -Index: crypto/evp/e_rc4_hmac_md5.c -=================================================================== -RCS file: /usr/local/src/openssl/CVSROOT/openssl/crypto/evp/e_rc4_hmac_md5.c,v -retrieving revision 1.1.2.5 -retrieving revision 1.1.2.6 -diff -u -p -r1.1.2.5 -r1.1.2.6 ---- crypto/evp/e_rc4_hmac_md5.c 18 Apr 2012 17:51:33 -0000 1.1.2.5 -+++ crypto/evp/e_rc4_hmac_md5.c 19 Apr 2012 20:43:02 -0000 1.1.2.6 -@@ -121,6 +121,7 @@ static int rc4_hmac_md5_cipher(EVP_CIPHE - md5_off = MD5_CBLOCK-key->md.num, - blocks; - unsigned int l; -+ extern unsigned int OPENSSL_ia32cap_P[]; - #endif - size_t plen = key->payload_length; - -@@ -132,7 +133,8 @@ static int rc4_hmac_md5_cipher(EVP_CIPHE - /* cipher has to "fall behind" */ - if (rc4_off>md5_off) md5_off+=MD5_CBLOCK; - -- if (plen>md5_off && (blocks=(plen-md5_off)/MD5_CBLOCK)) { -+ if (plen>md5_off && (blocks=(plen-md5_off)/MD5_CBLOCK) && -+ (OPENSSL_ia32cap_P[0]&(1<<20))==0) { - MD5_Update(&key->md,in,md5_off); - RC4(&key->ks,rc4_off,in,out); - -@@ -172,7 +174,8 @@ static int rc4_hmac_md5_cipher(EVP_CIPHE - if (md5_off>rc4_off) rc4_off += 2*MD5_CBLOCK; - else rc4_off += MD5_CBLOCK; - -- if (len>rc4_off && (blocks=(len-rc4_off)/MD5_CBLOCK)) { -+ if (len>rc4_off && (blocks=(len-rc4_off)/MD5_CBLOCK) && -+ (OPENSSL_ia32cap_P[0]&(1<<20))==0) { - RC4(&key->ks,rc4_off,in,out); - MD5_Update(&key->md,out,md5_off); - -@@ -289,8 +292,6 @@ static EVP_CIPHER r4_hmac_md5_cipher= - - const EVP_CIPHER *EVP_rc4_hmac_md5(void) - { -- extern unsigned int OPENSSL_ia32cap_P[]; -- /* RC4_CHAR flag ------------vvvvv */ -- return(OPENSSL_ia32cap_P[0]&(1<<20) ? NULL : &r4_hmac_md5_cipher); -+ return(&r4_hmac_md5_cipher); - } - #endif diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-bad-mac-aes-ni.patch b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-bad-mac-aes-ni.patch new file mode 100644 index 0000000000..4422a62c42 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-bad-mac-aes-ni.patch @@ -0,0 +1,35 @@ +https://bugs.gentoo.org/463444 + +From 9ab3ce124616cb12bd39c6aa1e1bde0f46969b29 Mon Sep 17 00:00:00 2001 +From: Andy Polyakov +Date: Mon, 18 Mar 2013 19:29:41 +0100 +Subject: [PATCH] e_aes_cbc_hmac_sha1.c: fix rare bad record mac on AES-NI + plaforms. + +PR: 3002 +(cherry picked from commit 5c60046553716fcf160718f59160493194f212dc) +--- + crypto/evp/e_aes_cbc_hmac_sha1.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/crypto/evp/e_aes_cbc_hmac_sha1.c b/crypto/evp/e_aes_cbc_hmac_sha1.c +index 483e04b..fb2c884 100644 +--- a/crypto/evp/e_aes_cbc_hmac_sha1.c ++++ b/crypto/evp/e_aes_cbc_hmac_sha1.c +@@ -328,10 +328,11 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + + if (res!=SHA_CBLOCK) continue; + +- mask = 0-((inp_len+8-j)>>(sizeof(j)*8-1)); ++ /* j is not incremented yet */ ++ mask = 0-((inp_len+7-j)>>(sizeof(j)*8-1)); + data->u[SHA_LBLOCK-1] |= bitlen&mask; + sha1_block_data_order(&key->md,data,1); +- mask &= 0-((j-inp_len-73)>>(sizeof(j)*8-1)); ++ mask &= 0-((j-inp_len-72)>>(sizeof(j)*8-1)); + pmac->u[0] |= key->md.h0 & mask; + pmac->u[1] |= key->md.h1 & mask; + pmac->u[2] |= key->md.h2 & mask; +-- +1.8.2.1 + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1-ipv6.patch b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-ipv6.patch similarity index 94% rename from sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1-ipv6.patch rename to sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-ipv6.patch index 4955c65d31..521cfb5ed6 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1-ipv6.patch +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-ipv6.patch @@ -26,13 +26,6 @@ diff -u -r1.21.2.1 s_apps.h int should_retry(int i); int extract_port(char *str, short *port_ptr); int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p); -Index: apps/s_cb.c -=================================================================== -RCS file: /v/openssl/cvs/openssl/apps/s_cb.c,v -retrieving revision 1.27.2.8.2.2 -diff -u -r1.27.2.8.2.2 s_cb.c ---- apps/s_cb.c 13 Nov 2011 13:13:13 -0000 1.27.2.8.2.2 -+++ apps/s_cb.c 28 Dec 2011 00:28:14 -0000 Index: apps/s_client.c =================================================================== RCS file: /v/openssl/cvs/openssl/apps/s_client.c,v @@ -40,12 +33,13 @@ retrieving revision 1.123.2.6.2.10 diff -u -r1.123.2.6.2.10 s_client.c --- apps/s_client.c 14 Dec 2011 22:18:02 -0000 1.123.2.6.2.10 +++ apps/s_client.c 28 Dec 2011 00:28:14 -0000 -@@ -285,6 +285,9 @@ +@@ -285,6 +285,10 @@ { BIO_printf(bio_err,"usage: s_client args\n"); BIO_printf(bio_err,"\n"); ++ BIO_printf(bio_err," -4 - use IPv4 only\n"); +#if OPENSSL_USE_IPV6 -+ BIO_printf(bio_err," -6 - use IPv6\n"); ++ BIO_printf(bio_err," -6 - use IPv6 only\n"); +#endif BIO_printf(bio_err," -host host - use -connect instead\n"); BIO_printf(bio_err," -port port - use -connect instead\n"); @@ -71,19 +65,28 @@ diff -u -r1.123.2.6.2.10 s_client.c int peerlen = sizeof(peer); int enable_timeouts = 0 ; long socket_mtu = 0; -@@ -630,6 +638,8 @@ +@@ -630,6 +638,12 @@ meth=SSLv2_client_method(); #endif + use_ipv4 = 1; ++#if OPENSSL_USE_IPV6 ++ use_ipv6 = 1; ++#else + use_ipv6 = 0; ++#endif apps_startup(); c_Pause=0; c_quiet=0; -@@ -951,6 +961,13 @@ +@@ -951,6 +961,18 @@ jpake_secret = *++argv; } #endif ++ else if (strcmp(*argv,"-4") == 0) ++ { ++ use_ipv4 = 1; ++ use_ipv6 = 0; ++ } +#if OPENSSL_USE_IPV6 + else if (strcmp(*argv,"-6") == 0) + { @@ -91,18 +94,9 @@ diff -u -r1.123.2.6.2.10 s_client.c + use_ipv6 = 1; + } +#endif + #ifndef OPENSSL_NO_SRTP else if (strcmp(*argv,"-use_srtp") == 0) { - if (--argc < 1) goto bad; -@@ -967,7 +984,7 @@ - keymatexportlen=atoi(*(++argv)); - if (keymatexportlen == 0) goto bad; - } -- else -+ else - { - BIO_printf(bio_err,"unknown option %s\n",*argv); - badop=1; @@ -1259,7 +1276,7 @@ re_start: @@ -121,15 +115,6 @@ diff -u -r1.123.2.6.2.10 s_client.c { BIO_printf(bio_err, "getsockname:errno=%d\n", get_last_socket_error()); -@@ -2036,7 +2061,7 @@ - BIO_printf(bio,"Expansion: %s\n", - expansion ? SSL_COMP_get_name(expansion) : "NONE"); - #endif -- -+ - #ifdef SSL_DEBUG - { - /* Print out local port of connection: useful for debugging */ =================================================================== RCS file: /v/openssl/cvs/openssl/apps/s_server.c,v retrieving revision 1.136.2.15.2.13 @@ -184,9 +169,9 @@ diff -u -r1.136.2.15.2.13 s_server.c + use_ipv6 = 1; + } +#endif + #ifndef OPENSSL_NO_SRTP else if (strcmp(*argv,"-use_srtp") == 0) { - if (--argc < 1) goto bad; @@ -1884,9 +1907,9 @@ BIO_printf(bio_s_out,"ACCEPT\n"); (void)BIO_flush(bio_s_out); @@ -228,7 +213,7 @@ diff -u -r1.43.2.3.2.2 s_socket.c #ifdef OPENSSL_SYS_WIN16 #define SOCKET_PROTOCOL 0 /* more microsoft stupidity */ -@@ -234,38 +234,76 @@ +@@ -234,38 +234,68 @@ return(1); } @@ -243,20 +228,13 @@ diff -u -r1.43.2.3.2.2 s_socket.c - memset(ip, '\0', sizeof ip); - if (!host_ip(host,&(ip[0]))) -+ if (!use_ipv4 && !use_ipv6) - return 0; +- return 0; - return init_client_ip(sock,ip,port,type); - } - -static int init_client_ip(int *sock, unsigned char ip[4], int port, int type) - { - unsigned long addr; -+#if OPENSSL_USE_IPV6 -+ /* we are fine here */ -+#else -+ if (use_ipv6) -+ return 0; -+#endif + if (use_ipv4) + if (host_ip(host,ip,AF_INET)) + return(init_client_ip(sock,ip,port,type,AF_INET)); diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-perl-5.18.patch b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-perl-5.18.patch new file mode 100644 index 0000000000..6427c53599 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-perl-5.18.patch @@ -0,0 +1,375 @@ +https://bugs.gentoo.org/483820 + +Submitted By: Martin Ward +Date: 2013-06-18 +Initial Package Version: 1.0.1e +Upstream Status: Unknown +Origin: self, based on fedora +Description: Fixes install with perl-5.18. + +--- openssl-1.0.1e.orig/doc/apps/cms.pod ++++ openssl-1.0.1e/doc/apps/cms.pod +@@ -450,28 +450,28 @@ + + =over 4 + +-=item 0 ++=item C<0> + + the operation was completely successfully. + +-=item 1 ++=item C<1> + + an error occurred parsing the command options. + +-=item 2 ++=item C<2> + + one of the input files could not be read. + +-=item 3 ++=item C<3> + + an error occurred creating the CMS file or when reading the MIME + message. + +-=item 4 ++=item C<4> + + an error occurred decrypting or verifying the message. + +-=item 5 ++=item C<5> + + the message was verified correctly but an error occurred writing out + the signers certificates. +--- openssl-1.0.1e.orig/doc/apps/smime.pod ++++ openssl-1.0.1e/doc/apps/smime.pod +@@ -308,28 +308,28 @@ + + =over 4 + +-=item 0 ++=item C<0> + + the operation was completely successfully. + +-=item 1 ++=item C<1> + + an error occurred parsing the command options. + +-=item 2 ++=item C<2> + + one of the input files could not be read. + +-=item 3 ++=item C<3> + + an error occurred creating the PKCS#7 file or when reading the MIME + message. + +-=item 4 ++=item C<4> + + an error occurred decrypting or verifying the message. + +-=item 5 ++=item C<5> + + the message was verified correctly but an error occurred writing out + the signers certificates. +--- openssl-1.0.1e.orig/doc/crypto/X509_STORE_CTX_get_error.pod ++++ openssl-1.0.1e/doc/crypto/X509_STORE_CTX_get_error.pod +@@ -278,6 +278,8 @@ + an application specific error. This will never be returned unless explicitly + set by an application. + ++=back ++ + =head1 NOTES + + The above functions should be used instead of directly referencing the fields +--- openssl-1.0.1e.orig/doc/ssl/SSL_accept.pod ++++ openssl-1.0.1e/doc/ssl/SSL_accept.pod +@@ -44,12 +44,12 @@ + + =over 4 + +-=item 1 ++=item C<1> + + The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been + established. + +-=item 0 ++=item C<0> + + The TLS/SSL handshake was not successful but was shut down controlled and + by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the +--- openssl-1.0.1e.orig/doc/ssl/SSL_clear.pod ++++ openssl-1.0.1e/doc/ssl/SSL_clear.pod +@@ -56,12 +56,12 @@ + + =over 4 + +-=item 0 ++=item C<0> + + The SSL_clear() operation could not be performed. Check the error stack to + find out the reason. + +-=item 1 ++=item C<1> + + The SSL_clear() operation was successful. + +--- openssl-1.0.1e.orig/doc/ssl/SSL_COMP_add_compression_method.pod ++++ openssl-1.0.1e/doc/ssl/SSL_COMP_add_compression_method.pod +@@ -53,11 +53,11 @@ + + =over 4 + +-=item 0 ++=item C<0> + + The operation succeeded. + +-=item 1 ++=item C<1> + + The operation failed. Check the error queue to find out the reason. + +--- openssl-1.0.1e.orig/doc/ssl/SSL_connect.pod ++++ openssl-1.0.1e/doc/ssl/SSL_connect.pod +@@ -41,12 +41,12 @@ + + =over 4 + +-=item 1 ++=item C<1> + + The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been + established. + +-=item 0 ++=item C<0> + + The TLS/SSL handshake was not successful but was shut down controlled and + by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the +--- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_add_session.pod ++++ openssl-1.0.1e/doc/ssl/SSL_CTX_add_session.pod +@@ -52,13 +52,13 @@ + + =over 4 + +-=item 0 ++=item C<0> + + The operation failed. In case of the add operation, it was tried to add + the same (identical) session twice. In case of the remove operation, the + session was not found in the cache. + +-=item 1 ++=item C<1> + + The operation succeeded. + +--- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_load_verify_locations.pod ++++ openssl-1.0.1e/doc/ssl/SSL_CTX_load_verify_locations.pod +@@ -100,13 +100,13 @@ + + =over 4 + +-=item 0 ++=item C<0> + + The operation failed because B and B are NULL or the + processing at one of the locations specified failed. Check the error + stack to find out the reason. + +-=item 1 ++=item C<1> + + The operation succeeded. + +--- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_set_client_CA_list.pod ++++ openssl-1.0.1e/doc/ssl/SSL_CTX_set_client_CA_list.pod +@@ -66,11 +66,11 @@ + + =over 4 + +-=item 1 ++=item C<1> + + The operation succeeded. + +-=item 0 ++=item C<0> + + A failure while manipulating the STACK_OF(X509_NAME) object occurred or + the X509_NAME could not be extracted from B. Check the error stack +--- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_set_session_id_context.pod ++++ openssl-1.0.1e/doc/ssl/SSL_CTX_set_session_id_context.pod +@@ -64,13 +64,13 @@ + + =over 4 + +-=item 0 ++=item C<0> + + The length B of the session id context B exceeded + the maximum allowed length of B. The error + is logged to the error stack. + +-=item 1 ++=item C<1> + + The operation succeeded. + +--- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_set_ssl_version.pod ++++ openssl-1.0.1e/doc/ssl/SSL_CTX_set_ssl_version.pod +@@ -42,11 +42,11 @@ + + =over 4 + +-=item 0 ++=item C<0> + + The new choice failed, check the error stack to find out the reason. + +-=item 1 ++=item C<1> + + The operation succeeded. + +--- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_use_psk_identity_hint.pod ++++ openssl-1.0.1e/doc/ssl/SSL_CTX_use_psk_identity_hint.pod +@@ -81,6 +81,8 @@ + + Return values from the server callback are interpreted as follows: + ++=over ++ + =item > 0 + + PSK identity was found and the server callback has provided the PSK +@@ -94,9 +96,11 @@ + connection will fail with decryption_error before it will be finished + completely. + +-=item 0 ++=item C<0> + + PSK identity was not found. An "unknown_psk_identity" alert message + will be sent and the connection setup fails. + ++=back ++ + =cut +--- openssl-1.0.1e.orig/doc/ssl/SSL_do_handshake.pod ++++ openssl-1.0.1e/doc/ssl/SSL_do_handshake.pod +@@ -45,12 +45,12 @@ + + =over 4 + +-=item 1 ++=item C<1> + + The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been + established. + +-=item 0 ++=item C<0> + + The TLS/SSL handshake was not successful but was shut down controlled and + by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the +--- openssl-1.0.1e.orig/doc/ssl/SSL_read.pod ++++ openssl-1.0.1e/doc/ssl/SSL_read.pod +@@ -86,7 +86,7 @@ + The read operation was successful; the return value is the number of + bytes actually read from the TLS/SSL connection. + +-=item 0 ++=item C<0> + + The read operation was not successful. The reason may either be a clean + shutdown due to a "close notify" alert sent by the peer (in which case +--- openssl-1.0.1e.orig/doc/ssl/SSL_session_reused.pod ++++ openssl-1.0.1e/doc/ssl/SSL_session_reused.pod +@@ -27,11 +27,11 @@ + + =over 4 + +-=item 0 ++=item C<0> + + A new session was negotiated. + +-=item 1 ++=item C<1> + + A session was reused. + +--- openssl-1.0.1e.orig/doc/ssl/SSL_set_fd.pod ++++ openssl-1.0.1e/doc/ssl/SSL_set_fd.pod +@@ -35,11 +35,11 @@ + + =over 4 + +-=item 0 ++=item C<0> + + The operation failed. Check the error stack to find out why. + +-=item 1 ++=item C<1> + + The operation succeeded. + +--- openssl-1.0.1e.orig/doc/ssl/SSL_set_session.pod ++++ openssl-1.0.1e/doc/ssl/SSL_set_session.pod +@@ -37,11 +37,11 @@ + + =over 4 + +-=item 0 ++=item C<0> + + The operation failed; check the error stack to find out the reason. + +-=item 1 ++=item C<1> + + The operation succeeded. + +--- openssl-1.0.1e.orig/doc/ssl/SSL_shutdown.pod ++++ openssl-1.0.1e/doc/ssl/SSL_shutdown.pod +@@ -92,12 +92,12 @@ + + =over 4 + +-=item 1 ++=item C<1> + + The shutdown was successfully completed. The "close notify" alert was sent + and the peer's "close notify" alert was received. + +-=item 0 ++=item C<0> + + The shutdown is not yet finished. Call SSL_shutdown() for a second time, + if a bidirectional shutdown shall be performed. +--- openssl-1.0.1e.orig/doc/ssl/SSL_write.pod ++++ openssl-1.0.1e/doc/ssl/SSL_write.pod +@@ -79,7 +79,7 @@ + The write operation was successful, the return value is the number of + bytes actually written to the TLS/SSL connection. + +-=item 0 ++=item C<0> + + The write operation was not successful. Probably the underlying connection + was closed. Call SSL_get_error() with the return value B to find out, diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-rdrand-explicit.patch b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-rdrand-explicit.patch new file mode 100644 index 0000000000..8c414a42ee --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-rdrand-explicit.patch @@ -0,0 +1,28 @@ +https://chromium-review.googlesource.com/181001 + +From 8a1956f3eac8b164f8c741ff1a259008bab3bac1 Mon Sep 17 00:00:00 2001 +From: "Dr. Stephen Henson" +Date: Wed, 11 Dec 2013 14:45:12 +0000 +Subject: [PATCH] Don't use rdrand engine as default unless explicitly + requested. (cherry picked from commit + 16898401bd47a153fbf799127ff57fdcfcbd324f) + +--- + crypto/engine/eng_rdrand.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/crypto/engine/eng_rdrand.c b/crypto/engine/eng_rdrand.c +index a9ba5ae..4e9e91d 100644 +--- a/crypto/engine/eng_rdrand.c ++++ b/crypto/engine/eng_rdrand.c +@@ -104,6 +104,7 @@ static int bind_helper(ENGINE *e) + { + if (!ENGINE_set_id(e, engine_e_rdrand_id) || + !ENGINE_set_name(e, engine_e_rdrand_name) || ++ !ENGINE_set_flags(e, ENGINE_FLAGS_NO_REGISTER_ALL) || + !ENGINE_set_init_function(e, rdrand_init) || + !ENGINE_set_RAND(e, &rdrand_meth) ) + return 0; +-- +1.8.4.3 + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-s_client-verify.patch b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-s_client-verify.patch new file mode 100644 index 0000000000..03e4f59989 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-s_client-verify.patch @@ -0,0 +1,18 @@ +https://bugs.gentoo.org/472584 +http://rt.openssl.org/Ticket/Display.html?id=2387&user=guest&pass=guest + +fix verification handling in s_client. when loading paths, make sure +we properly fallback to setting the default paths. + +--- a/apps/s_client.c ++++ b/apps/s_client.c +@@ -899,7 +899,7 @@ + if (!set_cert_key_stuff(ctx,cert,key)) + goto end; + +- if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) || ++ if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) && + (!SSL_CTX_set_default_verify_paths(ctx))) + { + /* BIO_printf(bio_err,"error setting default verify locations\n"); */ + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-tls-ver-crash.patch b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-tls-ver-crash.patch new file mode 100644 index 0000000000..034da7d414 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-tls-ver-crash.patch @@ -0,0 +1,34 @@ +https://bugs.gentoo.org/494816 +https://bugzilla.redhat.com/show_bug.cgi?id=1045363 +http://rt.openssl.org/Ticket/Display.html?id=3200&user=guest&pass=guest + +From ca989269a2876bae79393bd54c3e72d49975fc75 Mon Sep 17 00:00:00 2001 +From: "Dr. Stephen Henson" +Date: Thu, 19 Dec 2013 14:37:39 +0000 +Subject: [PATCH] Use version in SSL_METHOD not SSL structure. + +When deciding whether to use TLS 1.2 PRF and record hash algorithms +use the version number in the corresponding SSL_METHOD structure +instead of the SSL structure. The SSL structure version is sometimes +inaccurate. Note: OpenSSL 1.0.2 and later effectively do this already. +(CVE-2013-6449) +--- + ssl/s3_lib.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c +index bf832bb..c4ef273 100644 +--- a/ssl/s3_lib.c ++++ b/ssl/s3_lib.c +@@ -4286,7 +4286,7 @@ need to go to SSL_ST_ACCEPT. + long ssl_get_algorithm2(SSL *s) + { + long alg2 = s->s3->tmp.new_cipher->algorithm2; +- if (TLS1_get_version(s) >= TLS1_2_VERSION && ++ if (s->method->version == TLS1_2_VERSION && + alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF)) + return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256; + return alg2; +-- +1.8.4.3 + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1f-perl-5.18.patch b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1f-perl-5.18.patch new file mode 100644 index 0000000000..c662096377 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1f-perl-5.18.patch @@ -0,0 +1,356 @@ +Forward-ported from openssl-1.0.1e-perl-5.18.patch +Fixes install with perl-5.18. + +https://bugs.gentoo.org/show_bug.cgi?id=497286 + +Signed-off-by: Lars Wendler + +--- openssl-1.0.1f/doc/apps/cms.pod ++++ openssl-1.0.1f/doc/apps/cms.pod +@@ -450,28 +450,28 @@ + + =over 4 + +-=item 0 ++=item C<0> + + the operation was completely successfully. + +-=item 1 ++=item C<1> + + an error occurred parsing the command options. + +-=item 2 ++=item C<2> + + one of the input files could not be read. + +-=item 3 ++=item C<3> + + an error occurred creating the CMS file or when reading the MIME + message. + +-=item 4 ++=item C<4> + + an error occurred decrypting or verifying the message. + +-=item 5 ++=item C<5> + + the message was verified correctly but an error occurred writing out + the signers certificates. +--- openssl-1.0.1f/doc/apps/smime.pod ++++ openssl-1.0.1f/doc/apps/smime.pod +@@ -308,28 +308,28 @@ + + =over 4 + +-=item 0 ++=item C<0> + + the operation was completely successfully. + +-=item 1 ++=item C<1> + + an error occurred parsing the command options. + +-=item 2 ++=item C<2> + + one of the input files could not be read. + +-=item 3 ++=item C<3> + + an error occurred creating the PKCS#7 file or when reading the MIME + message. + +-=item 4 ++=item C<4> + + an error occurred decrypting or verifying the message. + +-=item 5 ++=item C<5> + + the message was verified correctly but an error occurred writing out + the signers certificates. +--- openssl-1.0.1f/doc/ssl/SSL_accept.pod ++++ openssl-1.0.1f/doc/ssl/SSL_accept.pod +@@ -44,13 +44,13 @@ + + =over 4 + +-=item 0 ++=item C<0> + + The TLS/SSL handshake was not successful but was shut down controlled and + by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the + return value B to find out the reason. + +-=item 1 ++=item C<1> + + The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been + established. +--- openssl-1.0.1f/doc/ssl/SSL_clear.pod ++++ openssl-1.0.1f/doc/ssl/SSL_clear.pod +@@ -56,12 +56,12 @@ + + =over 4 + +-=item 0 ++=item C<0> + + The SSL_clear() operation could not be performed. Check the error stack to + find out the reason. + +-=item 1 ++=item C<1> + + The SSL_clear() operation was successful. + +--- openssl-1.0.1f/doc/ssl/SSL_COMP_add_compression_method.pod ++++ openssl-1.0.1f/doc/ssl/SSL_COMP_add_compression_method.pod +@@ -53,11 +53,11 @@ + + =over 4 + +-=item 0 ++=item C<0> + + The operation succeeded. + +-=item 1 ++=item C<1> + + The operation failed. Check the error queue to find out the reason. + +--- openssl-1.0.1f/doc/ssl/SSL_connect.pod ++++ openssl-1.0.1f/doc/ssl/SSL_connect.pod +@@ -41,13 +41,13 @@ + + =over 4 + +-=item 0 ++=item C<0> + + The TLS/SSL handshake was not successful but was shut down controlled and + by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the + return value B to find out the reason. + +-=item 1 ++=item C<1> + + The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been + established. +--- openssl-1.0.1f/doc/ssl/SSL_CTX_add_session.pod ++++ openssl-1.0.1f/doc/ssl/SSL_CTX_add_session.pod +@@ -52,13 +52,13 @@ + + =over 4 + +-=item 0 ++=item C<0> + + The operation failed. In case of the add operation, it was tried to add + the same (identical) session twice. In case of the remove operation, the + session was not found in the cache. + +-=item 1 ++=item C<1> + + The operation succeeded. + +--- openssl-1.0.1f/doc/ssl/SSL_CTX_load_verify_locations.pod ++++ openssl-1.0.1f/doc/ssl/SSL_CTX_load_verify_locations.pod +@@ -100,13 +100,13 @@ + + =over 4 + +-=item 0 ++=item C<0> + + The operation failed because B and B are NULL or the + processing at one of the locations specified failed. Check the error + stack to find out the reason. + +-=item 1 ++=item C<1> + + The operation succeeded. + +--- openssl-1.0.1f/doc/ssl/SSL_CTX_set_client_CA_list.pod ++++ openssl-1.0.1f/doc/ssl/SSL_CTX_set_client_CA_list.pod +@@ -66,13 +66,13 @@ + + =over 4 + +-=item 0 ++=item C<0> + + A failure while manipulating the STACK_OF(X509_NAME) object occurred or + the X509_NAME could not be extracted from B. Check the error stack + to find out the reason. + +-=item 1 ++=item C<1> + + The operation succeeded. + +--- openssl-1.0.1f/doc/ssl/SSL_CTX_set_session_id_context.pod ++++ openssl-1.0.1f/doc/ssl/SSL_CTX_set_session_id_context.pod +@@ -64,13 +64,13 @@ + + =over 4 + +-=item 0 ++=item C<0> + + The length B of the session id context B exceeded + the maximum allowed length of B. The error + is logged to the error stack. + +-=item 1 ++=item C<1> + + The operation succeeded. + +--- openssl-1.0.1f/doc/ssl/SSL_CTX_set_ssl_version.pod ++++ openssl-1.0.1f/doc/ssl/SSL_CTX_set_ssl_version.pod +@@ -42,11 +42,11 @@ + + =over 4 + +-=item 0 ++=item C<0> + + The new choice failed, check the error stack to find out the reason. + +-=item 1 ++=item C<1> + + The operation succeeded. + +--- openssl-1.0.1f/doc/ssl/SSL_CTX_use_psk_identity_hint.pod ++++ openssl-1.0.1f/doc/ssl/SSL_CTX_use_psk_identity_hint.pod +@@ -96,7 +96,7 @@ + connection will fail with decryption_error before it will be finished + completely. + +-=item 0 ++=item C<0> + + PSK identity was not found. An "unknown_psk_identity" alert message + will be sent and the connection setup fails. +--- openssl-1.0.1f/doc/ssl/SSL_do_handshake.pod ++++ openssl-1.0.1f/doc/ssl/SSL_do_handshake.pod +@@ -45,13 +45,13 @@ + + =over 4 + +-=item 0 ++=item C<0> + + The TLS/SSL handshake was not successful but was shut down controlled and + by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the + return value B to find out the reason. + +-=item 1 ++=item C<1> + + The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been + established. +--- openssl-1.0.1f/doc/ssl/SSL_read.pod ++++ openssl-1.0.1f/doc/ssl/SSL_read.pod +@@ -86,7 +86,7 @@ + The read operation was successful; the return value is the number of + bytes actually read from the TLS/SSL connection. + +-=item 0 ++=item C<0> + + The read operation was not successful. The reason may either be a clean + shutdown due to a "close notify" alert sent by the peer (in which case +--- openssl-1.0.1f/doc/ssl/SSL_session_reused.pod ++++ openssl-1.0.1f/doc/ssl/SSL_session_reused.pod +@@ -27,11 +27,11 @@ + + =over 4 + +-=item 0 ++=item C<0> + + A new session was negotiated. + +-=item 1 ++=item C<1> + + A session was reused. + +--- openssl-1.0.1f/doc/ssl/SSL_set_fd.pod ++++ openssl-1.0.1f/doc/ssl/SSL_set_fd.pod +@@ -35,11 +35,11 @@ + + =over 4 + +-=item 0 ++=item C<0> + + The operation failed. Check the error stack to find out why. + +-=item 1 ++=item C<1> + + The operation succeeded. + +--- openssl-1.0.1f/doc/ssl/SSL_set_session.pod ++++ openssl-1.0.1f/doc/ssl/SSL_set_session.pod +@@ -37,11 +37,11 @@ + + =over 4 + +-=item 0 ++=item C<0> + + The operation failed; check the error stack to find out the reason. + +-=item 1 ++=item C<1> + + The operation succeeded. + +--- openssl-1.0.1f/doc/ssl/SSL_shutdown.pod ++++ openssl-1.0.1f/doc/ssl/SSL_shutdown.pod +@@ -92,14 +92,14 @@ + + =over 4 + +-=item 0 ++=item C<0> + + The shutdown is not yet finished. Call SSL_shutdown() for a second time, + if a bidirectional shutdown shall be performed. + The output of L may be misleading, as an + erroneous SSL_ERROR_SYSCALL may be flagged even though no error occurred. + +-=item 1 ++=item C<1> + + The shutdown was successfully completed. The "close notify" alert was sent + and the peer's "close notify" alert was received. +--- openssl-1.0.1f/doc/ssl/SSL_write.pod ++++ openssl-1.0.1f/doc/ssl/SSL_write.pod +@@ -79,7 +79,7 @@ + The write operation was successful, the return value is the number of + bytes actually written to the TLS/SSL connection. + +-=item 0 ++=item C<0> + + The write operation was not successful. Probably the underlying connection + was closed. Call SSL_get_error() with the return value B to find out, diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1f-revert-alpha-perl-generation.patch b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1f-revert-alpha-perl-generation.patch new file mode 100644 index 0000000000..42a6fbd5e7 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1f-revert-alpha-perl-generation.patch @@ -0,0 +1,83 @@ +when gcc is given a .s file and told to preprocess it, it outputs nothing + +https://bugs.gentoo.org/499086 + +From a2976461784ce463fc7f336cd0dce607d21c2fad Mon Sep 17 00:00:00 2001 +From: Mike Frysinger +Date: Sat, 25 Jan 2014 05:44:47 -0500 +Subject: [PATCH] Revert "Make Makefiles OSF-make-friendly." + +This reverts commit d1cf23ac86c05b22b8780e2c03b67230564d2d34. +--- + crypto/Makefile | 4 +--- + crypto/bn/Makefile | 4 +--- + crypto/evp/Makefile | 2 +- + crypto/modes/Makefile | 5 +---- + crypto/sha/Makefile | 4 +--- + util/shlib_wrap.sh | 6 +----- + 6 files changed, 6 insertions(+), 19 deletions(-) + +diff --git a/crypto/Makefile b/crypto/Makefile +index b253f50..1de9d5f 100644 +--- a/crypto/Makefile ++++ b/crypto/Makefile +@@ -86,9 +86,7 @@ ia64cpuid.s: ia64cpuid.S; $(CC) $(CFLAGS) -E ia64cpuid.S > $@ + ppccpuid.s: ppccpuid.pl; $(PERL) ppccpuid.pl $(PERLASM_SCHEME) $@ + pariscid.s: pariscid.pl; $(PERL) pariscid.pl $(PERLASM_SCHEME) $@ + alphacpuid.s: alphacpuid.pl +- (preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \ +- $(PERL) alphacpuid.pl > $$preproc && \ +- $(CC) -E $$preproc > $@ && rm $$preproc) ++ $(PERL) $< | $(CC) -E - | tee $@ > /dev/null + + subdirs: + @target=all; $(RECURSIVE_MAKE) +diff --git a/crypto/bn/Makefile b/crypto/bn/Makefile +index b62b676..6c03363 100644 +--- a/crypto/bn/Makefile ++++ b/crypto/bn/Makefile +@@ -136,9 +136,7 @@ ppc-mont.s: asm/ppc-mont.pl;$(PERL) asm/ppc-mont.pl $(PERLASM_SCHEME) $@ + ppc64-mont.s: asm/ppc64-mont.pl;$(PERL) asm/ppc64-mont.pl $(PERLASM_SCHEME) $@ + + alpha-mont.s: asm/alpha-mont.pl +- (preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \ +- $(PERL) asm/alpha-mont.pl > $$preproc && \ +- $(CC) -E $$preproc > $@ && rm $$preproc) ++ $(PERL) $< | $(CC) -E - | tee $@ > /dev/null + + # GNU make "catch all" + %-mont.S: asm/%-mont.pl; $(PERL) $< $(PERLASM_SCHEME) $@ +diff --git a/crypto/modes/Makefile b/crypto/modes/Makefile +index ce0dcd6..88ac65e 100644 +--- a/crypto/modes/Makefile ++++ b/crypto/modes/Makefile +@@ -55,10 +55,7 @@ aesni-gcm-x86_64.s: asm/aesni-gcm-x86_64.pl + ghash-sparcv9.s: asm/ghash-sparcv9.pl + $(PERL) asm/ghash-sparcv9.pl $@ $(CFLAGS) + ghash-alpha.s: asm/ghash-alpha.pl +- (preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \ +- $(PERL) asm/ghash-alpha.pl > $$preproc && \ +- $(CC) -E $$preproc > $@ && rm $$preproc) +- ++ $(PERL) $< | $(CC) -E - | tee $@ > /dev/null + ghash-parisc.s: asm/ghash-parisc.pl + $(PERL) asm/ghash-parisc.pl $(PERLASM_SCHEME) $@ + +diff --git a/crypto/sha/Makefile b/crypto/sha/Makefile +index 64eab6c..63fba69 100644 +--- a/crypto/sha/Makefile ++++ b/crypto/sha/Makefile +@@ -60,9 +60,7 @@ sha256-armv4.S: asm/sha256-armv4.pl + $(PERL) $< $(PERLASM_SCHEME) $@ + + sha1-alpha.s: asm/sha1-alpha.pl +- (preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \ +- $(PERL) asm/sha1-alpha.pl > $$preproc && \ +- $(CC) -E $$preproc > $@ && rm $$preproc) ++ $(PERL) $< | $(CC) -E - | tee $@ > /dev/null + + # Solaris make has to be explicitly told + sha1-x86_64.s: asm/sha1-x86_64.pl; $(PERL) asm/sha1-x86_64.pl $(PERLASM_SCHEME) > $@ +-- +1.8.5.3 + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/metadata.xml b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/metadata.xml index c3a9997785..84ddb514f8 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/metadata.xml +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/metadata.xml @@ -5,5 +5,9 @@ Disable EC/RC5 algorithms (as they seem to be patented) Enable support for RFC 3779 (X.509 Extensions for IP Addresses and AS Identifiers) + Enable the Heartbeat Extension in TLS and DTLS + + cpe:/a:openssl:openssl + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8v.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8v.ebuild deleted file mode 100644 index cd1229d066..0000000000 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8v.ebuild +++ /dev/null @@ -1,141 +0,0 @@ -# Copyright 1999-2012 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-0.9.8v.ebuild,v 1.5 2012/05/25 17:41:49 vapier Exp $ - -# this ebuild is only for the libcrypto.so.0.9.8 and libssl.so.0.9.8 SONAME for ABI compat - -EAPI="2" - -inherit eutils flag-o-matic toolchain-funcs multilib - -DESCRIPTION="Toolkit for SSL v2/v3 and TLS v1" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${P}.tar.gz" - -LICENSE="openssl" -SLOT="0.9.8" -KEYWORDS="~alpha amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ppc64 ~s390 ~sh ~sparc x86 ~sparc-fbsd ~x86-fbsd" -IUSE="bindist gmp kerberos sse2 test zlib" - -RDEPEND="gmp? ( dev-libs/gmp ) - zlib? ( sys-libs/zlib ) - kerberos? ( app-crypt/mit-krb5 ) - !=dev-libs/openssl-0.9.8*:0" -DEPEND="${RDEPEND} - sys-apps/diffutils - >=dev-lang/perl-5 - test? ( sys-devel/bc )" - -pkg_setup() { - # avoid collisions with openssl-1 (preserve lib) - if ! has_version dev-libs/openssl:${SLOT} ; then - ewarn "Removing lib{crypto,ssl}.so.0.9.8 to avoid collision with openssl-1" - rm -f "${ROOT}"/usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 - fi -} - -src_prepare() { - epatch "${FILESDIR}"/${PN}-0.9.8e-bsd-sparc64.patch - epatch "${FILESDIR}"/${PN}-0.9.8h-ldflags.patch #181438 - epatch "${FILESDIR}"/${PN}-0.9.8m-binutils.patch #289130 - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:=/usr/share/man:') \ - Makefile{,.org} \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - # update the enginedir path - sed -i \ - -e "/foo.*engines/s|/lib/engines|/$(get_libdir)/engines|" \ - Configure || die - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-0.9.8 gentoo.config || die "cp cross-compile failed" - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags -Wa,--noexecstack - - sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906 - sed -i '/^"debug-steve/d' Configure # 0.9.8k shipped broken - ./config --test-sanity || die "I AM NOT SANE" -} - -src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - - tc-export CC AR RANLIB - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 - - use_ssl() { use $1 && echo "enable-${2:-$1} ${*:3}" || echo "no-${2:-$1}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - echoit \ - ./${config} \ - ${sslout} \ - $(use sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - enable-idea \ - enable-mdc2 \ - $(use_ssl !bindist rc5) \ - enable-tlsext \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl zlib) \ - --prefix=/usr \ - --openssldir=/etc/ssl \ - shared threads \ - || die "Configure failed" - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - sed -i \ - -e "/^LIBDIR=/s|=.*|=$(get_libdir)|" \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -src_compile() { - # depend is needed to use $confopts - emake -j1 depend || die "depend failed" - emake -j1 build_libs || die "make build_libs failed" -} - -src_test() { - emake -j1 test || die "make test failed" -} - -src_install() { - dolib.so lib{crypto,ssl}.so.0.9.8 || die -} diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8w.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8w.ebuild deleted file mode 100644 index 325504deb9..0000000000 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8w.ebuild +++ /dev/null @@ -1,141 +0,0 @@ -# Copyright 1999-2012 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-0.9.8w.ebuild,v 1.4 2012/05/25 17:41:49 vapier Exp $ - -# this ebuild is only for the libcrypto.so.0.9.8 and libssl.so.0.9.8 SONAME for ABI compat - -EAPI="2" - -inherit eutils flag-o-matic toolchain-funcs multilib - -DESCRIPTION="Toolkit for SSL v2/v3 and TLS v1" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${P}.tar.gz" - -LICENSE="openssl" -SLOT="0.9.8" -KEYWORDS="~alpha amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc x86 ~sparc-fbsd ~x86-fbsd" -IUSE="bindist gmp kerberos sse2 test zlib" - -RDEPEND="gmp? ( dev-libs/gmp ) - zlib? ( sys-libs/zlib ) - kerberos? ( app-crypt/mit-krb5 ) - !=dev-libs/openssl-0.9.8*:0" -DEPEND="${RDEPEND} - sys-apps/diffutils - >=dev-lang/perl-5 - test? ( sys-devel/bc )" - -pkg_setup() { - # avoid collisions with openssl-1 (preserve lib) - if ! has_version dev-libs/openssl:${SLOT} ; then - ewarn "Removing lib{crypto,ssl}.so.0.9.8 to avoid collision with openssl-1" - rm -f "${ROOT}"/usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 - fi -} - -src_prepare() { - epatch "${FILESDIR}"/${PN}-0.9.8e-bsd-sparc64.patch - epatch "${FILESDIR}"/${PN}-0.9.8h-ldflags.patch #181438 - epatch "${FILESDIR}"/${PN}-0.9.8m-binutils.patch #289130 - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:=/usr/share/man:') \ - Makefile{,.org} \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - # update the enginedir path - sed -i \ - -e "/foo.*engines/s|/lib/engines|/$(get_libdir)/engines|" \ - Configure || die - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-0.9.8 gentoo.config || die "cp cross-compile failed" - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags -Wa,--noexecstack - - sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906 - sed -i '/^"debug-steve/d' Configure # 0.9.8k shipped broken - ./config --test-sanity || die "I AM NOT SANE" -} - -src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - - tc-export CC AR RANLIB - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 - - use_ssl() { use $1 && echo "enable-${2:-$1} ${*:3}" || echo "no-${2:-$1}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - echoit \ - ./${config} \ - ${sslout} \ - $(use sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - enable-idea \ - enable-mdc2 \ - $(use_ssl !bindist rc5) \ - enable-tlsext \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl zlib) \ - --prefix=/usr \ - --openssldir=/etc/ssl \ - shared threads \ - || die "Configure failed" - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - sed -i \ - -e "/^LIBDIR=/s|=.*|=$(get_libdir)|" \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -src_compile() { - # depend is needed to use $confopts - emake -j1 depend || die "depend failed" - emake -j1 build_libs || die "make build_libs failed" -} - -src_test() { - emake -j1 test || die "make test failed" -} - -src_install() { - dolib.so lib{crypto,ssl}.so.0.9.8 || die -} diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8x.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8x.ebuild deleted file mode 100644 index 2d7bacf6f6..0000000000 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8x.ebuild +++ /dev/null @@ -1,141 +0,0 @@ -# Copyright 1999-2012 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-0.9.8x.ebuild,v 1.4 2012/05/25 17:41:49 vapier Exp $ - -# this ebuild is only for the libcrypto.so.0.9.8 and libssl.so.0.9.8 SONAME for ABI compat - -EAPI="2" - -inherit eutils flag-o-matic toolchain-funcs multilib - -DESCRIPTION="Toolkit for SSL v2/v3 and TLS v1" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${P}.tar.gz" - -LICENSE="openssl" -SLOT="0.9.8" -KEYWORDS="~alpha amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc x86 ~sparc-fbsd ~x86-fbsd" -IUSE="bindist gmp kerberos sse2 test zlib" - -RDEPEND="gmp? ( dev-libs/gmp ) - zlib? ( sys-libs/zlib ) - kerberos? ( app-crypt/mit-krb5 ) - !=dev-libs/openssl-0.9.8*:0" -DEPEND="${RDEPEND} - sys-apps/diffutils - >=dev-lang/perl-5 - test? ( sys-devel/bc )" - -pkg_setup() { - # avoid collisions with openssl-1 (preserve lib) - if ! has_version dev-libs/openssl:${SLOT} ; then - ewarn "Removing lib{crypto,ssl}.so.0.9.8 to avoid collision with openssl-1" - rm -f "${ROOT}"/usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 - fi -} - -src_prepare() { - epatch "${FILESDIR}"/${PN}-0.9.8e-bsd-sparc64.patch - epatch "${FILESDIR}"/${PN}-0.9.8h-ldflags.patch #181438 - epatch "${FILESDIR}"/${PN}-0.9.8m-binutils.patch #289130 - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:=/usr/share/man:') \ - Makefile{,.org} \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - # update the enginedir path - sed -i \ - -e "/foo.*engines/s|/lib/engines|/$(get_libdir)/engines|" \ - Configure || die - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-0.9.8 gentoo.config || die "cp cross-compile failed" - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags -Wa,--noexecstack - - sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906 - sed -i '/^"debug-steve/d' Configure # 0.9.8k shipped broken - ./config --test-sanity || die "I AM NOT SANE" -} - -src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - - tc-export CC AR RANLIB - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 - - use_ssl() { use $1 && echo "enable-${2:-$1} ${*:3}" || echo "no-${2:-$1}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - echoit \ - ./${config} \ - ${sslout} \ - $(use sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - enable-idea \ - enable-mdc2 \ - $(use_ssl !bindist rc5) \ - enable-tlsext \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl zlib) \ - --prefix=/usr \ - --openssldir=/etc/ssl \ - shared threads \ - || die "Configure failed" - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - sed -i \ - -e "/^LIBDIR=/s|=.*|=$(get_libdir)|" \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -src_compile() { - # depend is needed to use $confopts - emake -j1 depend || die "depend failed" - emake -j1 build_libs || die "make build_libs failed" -} - -src_test() { - emake -j1 test || die "make test failed" -} - -src_install() { - dolib.so lib{crypto,ssl}.so.0.9.8 || die -} diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8u.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8y.ebuild similarity index 92% rename from sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8u.ebuild rename to sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8y.ebuild index 8710be994d..8cb55a24fe 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8u.ebuild +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8y.ebuild @@ -1,6 +1,6 @@ -# Copyright 1999-2012 Gentoo Foundation +# Copyright 1999-2013 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-0.9.8u.ebuild,v 1.5 2012/05/25 17:41:49 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-0.9.8y.ebuild,v 1.8 2013/10/13 11:18:08 ago Exp $ # this ebuild is only for the libcrypto.so.0.9.8 and libssl.so.0.9.8 SONAME for ABI compat @@ -14,7 +14,7 @@ SRC_URI="mirror://openssl/source/${P}.tar.gz" LICENSE="openssl" SLOT="0.9.8" -KEYWORDS="~alpha amd64 ~arm ~hppa ~ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh ~sparc x86 ~sparc-fbsd ~x86-fbsd" +KEYWORDS="alpha amd64 ~arm ~hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~sparc-fbsd ~x86-fbsd" IUSE="bindist gmp kerberos sse2 test zlib" RDEPEND="gmp? ( dev-libs/gmp ) @@ -53,8 +53,10 @@ src_prepare() { || die # show the actual commands in the log sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - # update the enginedir path + # update the enginedir path. + # punt broken config we don't care about as it fails sanity check. sed -i \ + -e '/^"debug-ben-debug-64"/d' \ -e "/foo.*engines/s|/lib/engines|/$(get_libdir)/engines|" \ Configure || die diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.0h.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.0h.ebuild deleted file mode 100644 index 1e28ca9231..0000000000 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.0h.ebuild +++ /dev/null @@ -1,213 +0,0 @@ -# Copyright 1999-2012 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.0h.ebuild,v 1.7 2012/05/25 17:41:49 vapier Exp $ - -EAPI="4" - -inherit eutils flag-o-matic toolchain-funcs multilib - -REV="1.7" -DESCRIPTION="full-strength general purpose cryptography library (including SSL v2/v3 and TLS v1)" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${P}.tar.gz - http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/~checkout~/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" - -LICENSE="openssl" -SLOT="0" -KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~sparc-fbsd ~x86-fbsd" -IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test zlib" - -# Have the sub-libs in RDEPEND with [static-libs] since, logically, -# our libssl.a depends on libz.a/etc... at runtime. -LIB_DEPEND="gmp? ( dev-libs/gmp[static-libs(+)] ) - zlib? ( sys-libs/zlib[static-libs(+)] ) - kerberos? ( app-crypt/mit-krb5 )" -RDEPEND="static-libs? ( ${LIB_DEPEND} ) - !static-libs? ( ${LIB_DEPEND//\[static-libs(+)]} )" -DEPEND="${RDEPEND} - sys-apps/diffutils - >=dev-lang/perl-5 - test? ( sys-devel/bc )" -PDEPEND="app-misc/ca-certificates" - -src_unpack() { - unpack ${P}.tar.gz - SSL_CNF_DIR="/etc/ssl" - sed \ - -e "/^DIR=/s:=.*:=${SSL_CNF_DIR}:" \ - "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ - > "${WORKDIR}"/c_rehash || die #416717 -} - -src_prepare() { - # Make sure we only ever touch Makefile.org and avoid patching a file - # that gets blown away anyways by the Configure script in src_configure - rm -f Makefile - - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.0d-fbsd-amd64.patch #363089 - epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 - epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch - epatch "${FILESDIR}"/${PN}-1.0.0e-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.0e-x32.patch - epatch_user #332661 - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:=/usr/share/man:') \ - Makefile.org \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.0 gentoo.config || die - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags $(test-flags-CC -Wa,--noexecstack) - - sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906 - ./config --test-sanity || die "I AM NOT SANE" -} - -src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - unset CROSS_COMPILE #311473 - - tc-export CC AR RANLIB RC - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 - - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - echoit \ - ./${config} \ - ${sslout} \ - $(use sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - enable-idea \ - enable-mdc2 \ - $(use_ssl !bindist rc5) \ - enable-tlsext \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl rfc3779) \ - $(use_ssl zlib) \ - --prefix=/usr \ - --openssldir=${SSL_CNF_DIR} \ - --libdir=$(get_libdir) \ - shared threads \ - || die - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - sed -i \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -src_compile() { - # depend is needed to use $confopts; it also doesn't matter - # that it's -j1 as the code itself serializes subdirs - emake -j1 depend || die - emake all || die - # rehash is needed to prep the certs/ dir; do this - # separately to avoid parallel build issues. - emake rehash || die -} - -src_test() { - emake -j1 test || die -} - -src_install() { - emake INSTALL_PREFIX="${D}" install || die - dobin "${WORKDIR}"/c_rehash || die #333117 - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el - dohtml -r doc/* - use rfc3779 && dodoc engines/ccgost/README.gost - - # This is crappy in that the static archives are still built even - # when USE=static-libs. But this is due to a failing in the openssl - # build system: the static archives are built as PIC all the time. - # Only way around this would be to manually configure+compile openssl - # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${D}"/usr/lib*/lib*.a - - # create the certs directory - dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${D}"${SSL_CNF_DIR}/certs/ || die - rm -r "${D}"${SSL_CNF_DIR}/certs/{demo,expired} - - # Namespace openssl programs to prevent conflicts with other man pages - cd "${D}"/usr/share/man - local m d s - for m in $(find . -type f | xargs grep -L '#include') ; do - d=${m%/*} ; d=${d#./} ; m=${m##*/} - [[ ${m} == openssl.1* ]] && continue - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" - mv ${d}/{,ssl-}${m} - # fix up references to renamed man pages - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} - ln -s ssl-${m} ${d}/openssl-${m} - # locate any symlinks that point to this man page ... we assume - # that any broken links are due to the above renaming - for s in $(find -L ${d} -type l) ; do - s=${s##*/} - rm -f ${d}/${s} - ln -s ssl-${m} ${d}/ssl-${s} - ln -s ssl-${s} ${d}/openssl-${s} - done - done - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" - - dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${D}"/etc/sandbox.d/10openssl - - diropts -m0700 - keepdir ${SSL_CNF_DIR}/private -} - -pkg_preinst() { - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 -} - -pkg_postinst() { - ebegin "Running 'c_rehash ${ROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${ROOT%/}${SSL_CNF_DIR}/certs" >/dev/null - eend $? - - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 -} diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.0j.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.0j.ebuild index 32f4784075..272e5355d8 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.0j.ebuild +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.0j.ebuild @@ -1,6 +1,6 @@ -# Copyright 1999-2012 Gentoo Foundation +# Copyright 1999-2013 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.0j.ebuild,v 1.9 2012/05/25 17:41:49 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.0j.ebuild,v 1.10 2013/02/08 06:17:18 vapier Exp $ EAPI="4" @@ -10,7 +10,7 @@ REV="1.7" DESCRIPTION="full-strength general purpose cryptography library (including SSL v2/v3 and TLS v1)" HOMEPAGE="http://www.openssl.org/" SRC_URI="mirror://openssl/source/${P}.tar.gz - http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/~checkout~/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" + http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" LICENSE="openssl" SLOT="0" diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1a.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1e-r1.ebuild similarity index 76% rename from sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1a.ebuild rename to sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1e-r1.ebuild index 212abe0bed..3add312374 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1a.ebuild +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1e-r1.ebuild @@ -1,21 +1,21 @@ -# Copyright 1999-2012 Gentoo Foundation +# Copyright 1999-2014 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1a.ebuild,v 1.6 2012/05/25 17:41:49 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1e-r1.ebuild,v 1.17 2014/01/16 17:37:37 vapier Exp $ EAPI="4" inherit eutils flag-o-matic toolchain-funcs multilib REV="1.7" -DESCRIPTION="full-strength general purpose cryptography library (including SSL v2/v3 and TLS v1)" +DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" HOMEPAGE="http://www.openssl.org/" SRC_URI="mirror://openssl/source/${P}.tar.gz - http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/~checkout~/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" + http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" LICENSE="openssl" SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd" -IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test vanilla zlib" +KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc -ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" +IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test +tls-heartbeat vanilla zlib" # Have the sub-libs in RDEPEND with [static-libs] since, logically, # our libssl.a depends on libz.a/etc... at runtime. @@ -39,7 +39,8 @@ src_unpack() { unpack ${P}.tar.gz SSL_CNF_DIR="/etc/ssl" sed \ - -e "/^DIR=/s:=.*:=${SSL_CNF_DIR}:" \ + -e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \ + -e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \ "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ > "${WORKDIR}"/c_rehash || die #416717 } @@ -51,13 +52,13 @@ src_prepare() { if ! use vanilla ; then epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.0d-fbsd-amd64.patch #363089 epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch epatch "${FILESDIR}"/${PN}-1.0.1-parallel-build.patch epatch "${FILESDIR}"/${PN}-1.0.1-x32.patch - epatch "${FILESDIR}"/${PN}-1.0.1-ipv6.patch - epatch "${FILESDIR}"/${P}-hmac-ia32cap.patch + epatch "${FILESDIR}"/${PN}-1.0.1e-ipv6.patch + epatch "${FILESDIR}"/${P}-bad-mac-aes-ni.patch #463444 + epatch "${FILESDIR}"/${PN}-1.0.1e-perl-5.18.patch #483820 epatch_user #332661 fi @@ -70,20 +71,22 @@ src_prepare() { -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ -e $(has noman FEATURES \ && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:=/usr/share/man:') \ + || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ Makefile.org \ || die # show the actual commands in the log sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.0 gentoo.config || die + cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die chmod a+rx gentoo.config append-flags -fno-strict-aliasing append-flags $(test-flags-CC -Wa,--noexecstack) - sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906 + sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906 + # The config script does stupid stuff to prompt the user. Kill it. + sed -i '/stty -icanon min 0 time 50; read waste/d' config || die ./config --test-sanity || die "I AM NOT SANE" } @@ -106,6 +109,16 @@ src_configure() { local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") + # See if our toolchain supports __uint128_t. If so, it's 64bit + # friendly and can use the nicely optimized code paths. #460790 + local ec_nistp_64_gcc_128 + if ! use bindist ; then + echo "__uint128_t i;" > "${T}"/128.c + if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then + ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" + fi + fi + local sslout=$(./gentoo.config) einfo "Use configuration ${sslout:-(openssl knows best)}" local config="Configure" @@ -116,6 +129,7 @@ src_configure() { $(use sse2 || echo "no-sse2") \ enable-camellia \ $(use_ssl !bindist ec) \ + ${ec_nistp_64_gcc_128} \ enable-idea \ enable-mdc2 \ $(use_ssl !bindist rc5) \ @@ -123,9 +137,10 @@ src_configure() { $(use_ssl gmp gmp -lgmp) \ $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ $(use_ssl rfc3779) \ + $(use_ssl tls-heartbeat heartbeats) \ $(use_ssl zlib) \ - --prefix=/usr \ - --openssldir=${SSL_CNF_DIR} \ + --prefix="${EPREFIX}"/usr \ + --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ --libdir=$(get_libdir) \ shared threads \ || die @@ -171,15 +186,15 @@ src_install() { # build system: the static archives are built as PIC all the time. # Only way around this would be to manually configure+compile openssl # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${D}"/usr/lib*/lib*.a + use static-libs || rm -f "${ED}"/usr/lib*/lib*.a # create the certs directory dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${D}"${SSL_CNF_DIR}/certs/ || die - rm -r "${D}"${SSL_CNF_DIR}/certs/{demo,expired} + cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die + rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} # Namespace openssl programs to prevent conflicts with other man pages - cd "${D}"/usr/share/man + cd "${ED}"/usr/share/man local m d s for m in $(find . -type f | xargs grep -L '#include') ; do d=${m%/*} ; d=${d#./} ; m=${m##*/} @@ -201,7 +216,7 @@ src_install() { [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${D}"/etc/sandbox.d/10openssl + echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl diropts -m0700 keepdir ${SSL_CNF_DIR}/private @@ -213,8 +228,8 @@ pkg_preinst() { } pkg_postinst() { - ebegin "Running 'c_rehash ${ROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${ROOT%/}${SSL_CNF_DIR}/certs" >/dev/null + ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" + c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null eend $? has_version ${CATEGORY}/${PN}:0.9.8 && return 0 diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1b.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1e-r2.ebuild similarity index 75% rename from sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1b.ebuild rename to sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1e-r2.ebuild index c813c87fe0..108b1db0fa 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1b.ebuild +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1e-r2.ebuild @@ -1,21 +1,21 @@ -# Copyright 1999-2012 Gentoo Foundation +# Copyright 1999-2013 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1b.ebuild,v 1.3 2012/05/25 17:41:49 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1e-r2.ebuild,v 1.1 2013/10/23 16:10:35 vapier Exp $ EAPI="4" inherit eutils flag-o-matic toolchain-funcs multilib REV="1.7" -DESCRIPTION="full-strength general purpose cryptography library (including SSL v2/v3 and TLS v1)" +DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" HOMEPAGE="http://www.openssl.org/" SRC_URI="mirror://openssl/source/${P}.tar.gz - http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/~checkout~/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" + http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" LICENSE="openssl" SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd" -IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test vanilla zlib" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" +IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test +tls-heartbeat vanilla zlib" # Have the sub-libs in RDEPEND with [static-libs] since, logically, # our libssl.a depends on libz.a/etc... at runtime. @@ -39,7 +39,8 @@ src_unpack() { unpack ${P}.tar.gz SSL_CNF_DIR="/etc/ssl" sed \ - -e "/^DIR=/s:=.*:=${SSL_CNF_DIR}:" \ + -e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \ + -e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \ "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ > "${WORKDIR}"/c_rehash || die #416717 } @@ -51,12 +52,14 @@ src_prepare() { if ! use vanilla ; then epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.0d-fbsd-amd64.patch #363089 epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch epatch "${FILESDIR}"/${PN}-1.0.1-parallel-build.patch epatch "${FILESDIR}"/${PN}-1.0.1-x32.patch - epatch "${FILESDIR}"/${PN}-1.0.1-ipv6.patch + epatch "${FILESDIR}"/${PN}-1.0.1e-ipv6.patch + epatch "${FILESDIR}"/${P}-bad-mac-aes-ni.patch #463444 + epatch "${FILESDIR}"/${PN}-1.0.1e-perl-5.18.patch #483820 + epatch "${FILESDIR}"/${PN}-1.0.1e-s_client-verify.patch #472584 epatch_user #332661 fi @@ -69,20 +72,22 @@ src_prepare() { -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ -e $(has noman FEATURES \ && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:=/usr/share/man:') \ + || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ Makefile.org \ || die # show the actual commands in the log sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.0 gentoo.config || die + cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die chmod a+rx gentoo.config append-flags -fno-strict-aliasing append-flags $(test-flags-CC -Wa,--noexecstack) - sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906 + sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906 + # The config script does stupid stuff to prompt the user. Kill it. + sed -i '/stty -icanon min 0 time 50; read waste/d' config || die ./config --test-sanity || die "I AM NOT SANE" } @@ -105,6 +110,17 @@ src_configure() { local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") + # See if our toolchain supports __uint128_t. If so, it's 64bit + # friendly and can use the nicely optimized code paths. #460790 + local ec_nistp_64_gcc_128 + # Disable it for now though #469976 + #if ! use bindist ; then + # echo "__uint128_t i;" > "${T}"/128.c + # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then + # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" + # fi + #fi + local sslout=$(./gentoo.config) einfo "Use configuration ${sslout:-(openssl knows best)}" local config="Configure" @@ -115,6 +131,7 @@ src_configure() { $(use sse2 || echo "no-sse2") \ enable-camellia \ $(use_ssl !bindist ec) \ + ${ec_nistp_64_gcc_128} \ enable-idea \ enable-mdc2 \ $(use_ssl !bindist rc5) \ @@ -122,9 +139,10 @@ src_configure() { $(use_ssl gmp gmp -lgmp) \ $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ $(use_ssl rfc3779) \ + $(use_ssl tls-heartbeat heartbeats) \ $(use_ssl zlib) \ - --prefix=/usr \ - --openssldir=${SSL_CNF_DIR} \ + --prefix="${EPREFIX}"/usr \ + --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ --libdir=$(get_libdir) \ shared threads \ || die @@ -170,15 +188,15 @@ src_install() { # build system: the static archives are built as PIC all the time. # Only way around this would be to manually configure+compile openssl # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${D}"/usr/lib*/lib*.a + use static-libs || rm -f "${ED}"/usr/lib*/lib*.a # create the certs directory dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${D}"${SSL_CNF_DIR}/certs/ || die - rm -r "${D}"${SSL_CNF_DIR}/certs/{demo,expired} + cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die + rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} # Namespace openssl programs to prevent conflicts with other man pages - cd "${D}"/usr/share/man + cd "${ED}"/usr/share/man local m d s for m in $(find . -type f | xargs grep -L '#include') ; do d=${m%/*} ; d=${d#./} ; m=${m##*/} @@ -200,7 +218,7 @@ src_install() { [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${D}"/etc/sandbox.d/10openssl + echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl diropts -m0700 keepdir ${SSL_CNF_DIR}/private @@ -212,8 +230,8 @@ pkg_preinst() { } pkg_postinst() { - ebegin "Running 'c_rehash ${ROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${ROOT%/}${SSL_CNF_DIR}/certs" >/dev/null + ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" + c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null eend $? has_version ${CATEGORY}/${PN}:0.9.8 && return 0 diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1e-r3.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1e-r3.ebuild new file mode 100644 index 0000000000..f0d1f3e673 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1e-r3.ebuild @@ -0,0 +1,241 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1e-r3.ebuild,v 1.1 2013/12/20 19:26:59 vapier Exp $ + +EAPI="4" + +inherit eutils flag-o-matic toolchain-funcs multilib + +REV="1.7" +DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" +HOMEPAGE="http://www.openssl.org/" +SRC_URI="mirror://openssl/source/${P}.tar.gz + http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" + +LICENSE="openssl" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" +IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test +tls-heartbeat vanilla zlib" + +# Have the sub-libs in RDEPEND with [static-libs] since, logically, +# our libssl.a depends on libz.a/etc... at runtime. +LIB_DEPEND="gmp? ( dev-libs/gmp[static-libs(+)] ) + zlib? ( sys-libs/zlib[static-libs(+)] ) + kerberos? ( app-crypt/mit-krb5 )" +# The blocks are temporary just to make sure people upgrade to a +# version that lack runtime version checking. We'll drop them in +# the future. +RDEPEND="static-libs? ( ${LIB_DEPEND} ) + !static-libs? ( ${LIB_DEPEND//\[static-libs(+)]} ) + ! "${WORKDIR}"/c_rehash || die #416717 +} + +src_prepare() { + # Make sure we only ever touch Makefile.org and avoid patching a file + # that gets blown away anyways by the Configure script in src_configure + rm -f Makefile + + if ! use vanilla ; then + epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 + epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 + epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch + epatch "${FILESDIR}"/${PN}-1.0.1-parallel-build.patch + epatch "${FILESDIR}"/${PN}-1.0.1-x32.patch + epatch "${FILESDIR}"/${PN}-1.0.1e-ipv6.patch + epatch "${FILESDIR}"/${P}-bad-mac-aes-ni.patch #463444 + epatch "${FILESDIR}"/${PN}-1.0.1e-perl-5.18.patch #483820 + epatch "${FILESDIR}"/${PN}-1.0.1e-s_client-verify.patch #472584 + epatch "${FILESDIR}"/${P}-tls-ver-crash.patch #494816 + epatch "${FILESDIR}"/${P}-rdrand-explicit.patch + epatch_user #332661 + fi + + # disable fips in the build + # make sure the man pages are suffixed #302165 + # don't bother building man pages if they're disabled + sed -i \ + -e '/DIRS/s: fips : :g' \ + -e '/^MANSUFFIX/s:=.*:=ssl:' \ + -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ + -e $(has noman FEATURES \ + && echo '/^install:/s:install_docs::' \ + || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ + Makefile.org \ + || die + # show the actual commands in the log + sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared + + # allow openssl to be cross-compiled + cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die + chmod a+rx gentoo.config + + append-flags -fno-strict-aliasing + append-flags $(test-flags-CC -Wa,--noexecstack) + + sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906 + # The config script does stupid stuff to prompt the user. Kill it. + sed -i '/stty -icanon min 0 time 50; read waste/d' config || die + ./config --test-sanity || die "I AM NOT SANE" +} + +src_configure() { + unset APPS #197996 + unset SCRIPTS #312551 + unset CROSS_COMPILE #311473 + + tc-export CC AR RANLIB RC + + # Clean out patent-or-otherwise-encumbered code + # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) + # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm + # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography + # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 + # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 + + use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } + echoit() { echo "$@" ; "$@" ; } + + local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") + + # See if our toolchain supports __uint128_t. If so, it's 64bit + # friendly and can use the nicely optimized code paths. #460790 + local ec_nistp_64_gcc_128 + # Disable it for now though #469976 + #if ! use bindist ; then + # echo "__uint128_t i;" > "${T}"/128.c + # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then + # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" + # fi + #fi + + local sslout=$(./gentoo.config) + einfo "Use configuration ${sslout:-(openssl knows best)}" + local config="Configure" + [[ -z ${sslout} ]] && config="config" + echoit \ + ./${config} \ + ${sslout} \ + $(use sse2 || echo "no-sse2") \ + enable-camellia \ + $(use_ssl !bindist ec) \ + ${ec_nistp_64_gcc_128} \ + enable-idea \ + enable-mdc2 \ + $(use_ssl !bindist rc5) \ + enable-tlsext \ + $(use_ssl gmp gmp -lgmp) \ + $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ + $(use_ssl rfc3779) \ + $(use_ssl tls-heartbeat heartbeats) \ + $(use_ssl zlib) \ + --prefix="${EPREFIX}"/usr \ + --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ + --libdir=$(get_libdir) \ + shared threads \ + || die + + # Clean out hardcoded flags that openssl uses + local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ + -e 's:^CFLAG=::' \ + -e 's:-fomit-frame-pointer ::g' \ + -e 's:-O[0-9] ::g' \ + -e 's:-march=[-a-z0-9]* ::g' \ + -e 's:-mcpu=[-a-z0-9]* ::g' \ + -e 's:-m[a-z0-9]* ::g' \ + ) + sed -i \ + -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ + -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ + Makefile || die +} + +src_compile() { + # depend is needed to use $confopts; it also doesn't matter + # that it's -j1 as the code itself serializes subdirs + emake -j1 depend + emake all + # rehash is needed to prep the certs/ dir; do this + # separately to avoid parallel build issues. + emake rehash +} + +src_test() { + emake -j1 test +} + +src_install() { + emake INSTALL_PREFIX="${D}" install + dobin "${WORKDIR}"/c_rehash #333117 + dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el + dohtml -r doc/* + use rfc3779 && dodoc engines/ccgost/README.gost + + # This is crappy in that the static archives are still built even + # when USE=static-libs. But this is due to a failing in the openssl + # build system: the static archives are built as PIC all the time. + # Only way around this would be to manually configure+compile openssl + # twice; once with shared lib support enabled and once without. + use static-libs || rm -f "${ED}"/usr/lib*/lib*.a + + # create the certs directory + dodir ${SSL_CNF_DIR}/certs + cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die + rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} + + # Namespace openssl programs to prevent conflicts with other man pages + cd "${ED}"/usr/share/man + local m d s + for m in $(find . -type f | xargs grep -L '#include') ; do + d=${m%/*} ; d=${d#./} ; m=${m##*/} + [[ ${m} == openssl.1* ]] && continue + [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" + mv ${d}/{,ssl-}${m} + # fix up references to renamed man pages + sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} + ln -s ssl-${m} ${d}/openssl-${m} + # locate any symlinks that point to this man page ... we assume + # that any broken links are due to the above renaming + for s in $(find -L ${d} -type l) ; do + s=${s##*/} + rm -f ${d}/${s} + ln -s ssl-${m} ${d}/ssl-${s} + ln -s ssl-${s} ${d}/openssl-${s} + done + done + [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" + + dodir /etc/sandbox.d #254521 + echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl + + diropts -m0700 + keepdir ${SSL_CNF_DIR}/private +} + +pkg_preinst() { + has_version ${CATEGORY}/${PN}:0.9.8 && return 0 + preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 +} + +pkg_postinst() { + ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" + c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null + eend $? + + has_version ${CATEGORY}/${PN}:0.9.8 && return 0 + preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 +} diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1c.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1e.ebuild similarity index 85% rename from sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1c.ebuild rename to sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1e.ebuild index 5d054eda3f..0c4514a7e7 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1c.ebuild +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1e.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2013 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1c.ebuild,v 1.10 2013/02/03 23:44:01 ago Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1e.ebuild,v 1.4 2013/11/26 07:27:00 polynomial-c Exp $ EAPI="4" @@ -10,11 +10,11 @@ REV="1.7" DESCRIPTION="full-strength general purpose cryptography library (including SSL v2/v3 and TLS v1)" HOMEPAGE="http://www.openssl.org/" SRC_URI="mirror://openssl/source/${P}.tar.gz - http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/~checkout~/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" + http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" LICENSE="openssl" SLOT="0" -KEYWORDS="~alpha amd64 arm hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh ~sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd" +KEYWORDS="ppc64" IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test vanilla zlib" # Have the sub-libs in RDEPEND with [static-libs] since, logically, @@ -39,7 +39,8 @@ src_unpack() { unpack ${P}.tar.gz SSL_CNF_DIR="/etc/ssl" sed \ - -e "/^DIR=/s:=.*:=${SSL_CNF_DIR}:" \ + -e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \ + -e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \ "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ > "${WORKDIR}"/c_rehash || die #416717 } @@ -51,12 +52,11 @@ src_prepare() { if ! use vanilla ; then epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.0d-fbsd-amd64.patch #363089 epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch epatch "${FILESDIR}"/${PN}-1.0.1-parallel-build.patch epatch "${FILESDIR}"/${PN}-1.0.1-x32.patch - epatch "${FILESDIR}"/${PN}-1.0.1-ipv6.patch + epatch "${FILESDIR}"/${PN}-1.0.1e-ipv6.patch epatch_user #332661 fi @@ -69,20 +69,20 @@ src_prepare() { -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ -e $(has noman FEATURES \ && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:=/usr/share/man:') \ + || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ Makefile.org \ || die # show the actual commands in the log sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.0 gentoo.config || die + cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die chmod a+rx gentoo.config append-flags -fno-strict-aliasing append-flags $(test-flags-CC -Wa,--noexecstack) - sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906 + sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906 ./config --test-sanity || die "I AM NOT SANE" } @@ -123,8 +123,8 @@ src_configure() { $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ $(use_ssl rfc3779) \ $(use_ssl zlib) \ - --prefix=/usr \ - --openssldir=${SSL_CNF_DIR} \ + --prefix="${EPREFIX}"/usr \ + --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ --libdir=$(get_libdir) \ shared threads \ || die @@ -170,15 +170,15 @@ src_install() { # build system: the static archives are built as PIC all the time. # Only way around this would be to manually configure+compile openssl # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${D}"/usr/lib*/lib*.a + use static-libs || rm -f "${ED}"/usr/lib*/lib*.a # create the certs directory dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${D}"${SSL_CNF_DIR}/certs/ || die - rm -r "${D}"${SSL_CNF_DIR}/certs/{demo,expired} + cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die + rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} # Namespace openssl programs to prevent conflicts with other man pages - cd "${D}"/usr/share/man + cd "${ED}"/usr/share/man local m d s for m in $(find . -type f | xargs grep -L '#include') ; do d=${m%/*} ; d=${d#./} ; m=${m##*/} @@ -200,7 +200,7 @@ src_install() { [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${D}"/etc/sandbox.d/10openssl + echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl diropts -m0700 keepdir ${SSL_CNF_DIR}/private @@ -212,8 +212,8 @@ pkg_preinst() { } pkg_postinst() { - ebegin "Running 'c_rehash ${ROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${ROOT%/}${SSL_CNF_DIR}/certs" >/dev/null + ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" + c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null eend $? has_version ${CATEGORY}/${PN}:0.9.8 && return 0 diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.0i.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1f.ebuild similarity index 66% rename from sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.0i.ebuild rename to sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1f.ebuild index e095154023..a31e4f7867 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.0i.ebuild +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1f.ebuild @@ -1,29 +1,34 @@ -# Copyright 1999-2012 Gentoo Foundation +# Copyright 1999-2014 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.0i.ebuild,v 1.9 2012/05/25 17:41:49 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1f.ebuild,v 1.14 2014/01/26 11:59:33 ago Exp $ EAPI="4" inherit eutils flag-o-matic toolchain-funcs multilib REV="1.7" -DESCRIPTION="full-strength general purpose cryptography library (including SSL v2/v3 and TLS v1)" +DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" HOMEPAGE="http://www.openssl.org/" SRC_URI="mirror://openssl/source/${P}.tar.gz - http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/~checkout~/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" + http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" LICENSE="openssl" SLOT="0" -KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~sparc-fbsd ~x86-fbsd" -IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test zlib" +KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" +IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test +tls-heartbeat vanilla zlib" # Have the sub-libs in RDEPEND with [static-libs] since, logically, # our libssl.a depends on libz.a/etc... at runtime. LIB_DEPEND="gmp? ( dev-libs/gmp[static-libs(+)] ) zlib? ( sys-libs/zlib[static-libs(+)] ) kerberos? ( app-crypt/mit-krb5 )" +# The blocks are temporary just to make sure people upgrade to a +# version that lack runtime version checking. We'll drop them in +# the future. RDEPEND="static-libs? ( ${LIB_DEPEND} ) - !static-libs? ( ${LIB_DEPEND//\[static-libs(+)]} )" + !static-libs? ( ${LIB_DEPEND//\[static-libs(+)]} ) + ! "${WORKDIR}"/c_rehash || die #416717 } @@ -44,13 +50,18 @@ src_prepare() { # that gets blown away anyways by the Configure script in src_configure rm -f Makefile - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.0d-fbsd-amd64.patch #363089 - epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 - epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch - epatch "${FILESDIR}"/${PN}-1.0.0e-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.0e-x32.patch - epatch_user #332661 + if ! use vanilla ; then + epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 + epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 + epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch + epatch "${FILESDIR}"/${PN}-1.0.1-parallel-build.patch + epatch "${FILESDIR}"/${PN}-1.0.1-x32.patch + epatch "${FILESDIR}"/${PN}-1.0.1e-ipv6.patch + epatch "${FILESDIR}"/${PN}-1.0.1f-perl-5.18.patch #497286 + epatch "${FILESDIR}"/${PN}-1.0.1e-s_client-verify.patch #472584 + epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086 + epatch_user #332661 + fi # disable fips in the build # make sure the man pages are suffixed #302165 @@ -61,20 +72,22 @@ src_prepare() { -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ -e $(has noman FEATURES \ && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:=/usr/share/man:') \ + || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ Makefile.org \ || die # show the actual commands in the log sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.0 gentoo.config || die + cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die chmod a+rx gentoo.config append-flags -fno-strict-aliasing append-flags $(test-flags-CC -Wa,--noexecstack) - sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906 + sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906 + # The config script does stupid stuff to prompt the user. Kill it. + sed -i '/stty -icanon min 0 time 50; read waste/d' config || die ./config --test-sanity || die "I AM NOT SANE" } @@ -97,6 +110,17 @@ src_configure() { local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") + # See if our toolchain supports __uint128_t. If so, it's 64bit + # friendly and can use the nicely optimized code paths. #460790 + local ec_nistp_64_gcc_128 + # Disable it for now though #469976 + #if ! use bindist ; then + # echo "__uint128_t i;" > "${T}"/128.c + # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then + # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" + # fi + #fi + local sslout=$(./gentoo.config) einfo "Use configuration ${sslout:-(openssl knows best)}" local config="Configure" @@ -107,6 +131,7 @@ src_configure() { $(use sse2 || echo "no-sse2") \ enable-camellia \ $(use_ssl !bindist ec) \ + ${ec_nistp_64_gcc_128} \ enable-idea \ enable-mdc2 \ $(use_ssl !bindist rc5) \ @@ -114,9 +139,10 @@ src_configure() { $(use_ssl gmp gmp -lgmp) \ $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ $(use_ssl rfc3779) \ + $(use_ssl tls-heartbeat heartbeats) \ $(use_ssl zlib) \ - --prefix=/usr \ - --openssldir=${SSL_CNF_DIR} \ + --prefix="${EPREFIX}"/usr \ + --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ --libdir=$(get_libdir) \ shared threads \ || die @@ -139,20 +165,20 @@ src_configure() { src_compile() { # depend is needed to use $confopts; it also doesn't matter # that it's -j1 as the code itself serializes subdirs - emake -j1 depend || die - emake all || die + emake -j1 depend + emake all # rehash is needed to prep the certs/ dir; do this # separately to avoid parallel build issues. - emake rehash || die + emake rehash } src_test() { - emake -j1 test || die + emake -j1 test } src_install() { - emake INSTALL_PREFIX="${D}" install || die - dobin "${WORKDIR}"/c_rehash || die #333117 + emake INSTALL_PREFIX="${D}" install + dobin "${WORKDIR}"/c_rehash #333117 dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el dohtml -r doc/* use rfc3779 && dodoc engines/ccgost/README.gost @@ -162,15 +188,15 @@ src_install() { # build system: the static archives are built as PIC all the time. # Only way around this would be to manually configure+compile openssl # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${D}"/usr/lib*/lib*.a + use static-libs || rm -f "${ED}"/usr/lib*/lib*.a # create the certs directory dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${D}"${SSL_CNF_DIR}/certs/ || die - rm -r "${D}"${SSL_CNF_DIR}/certs/{demo,expired} + cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die + rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} # Namespace openssl programs to prevent conflicts with other man pages - cd "${D}"/usr/share/man + cd "${ED}"/usr/share/man local m d s for m in $(find . -type f | xargs grep -L '#include') ; do d=${m%/*} ; d=${d#./} ; m=${m##*/} @@ -192,7 +218,7 @@ src_install() { [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${D}"/etc/sandbox.d/10openssl + echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl diropts -m0700 keepdir ${SSL_CNF_DIR}/private @@ -204,8 +230,8 @@ pkg_preinst() { } pkg_postinst() { - ebegin "Running 'c_rehash ${ROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${ROOT%/}${SSL_CNF_DIR}/certs" >/dev/null + ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" + c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null eend $? has_version ${CATEGORY}/${PN}:0.9.8 && return 0