diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/ChangeLog b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/ChangeLog index c3362ecd0d..96f2450410 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/ChangeLog +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/ChangeLog @@ -1,39 +1,6 @@ # ChangeLog for dev-libs/openssl # Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/ChangeLog,v 1.681 2015/07/13 10:21:13 vapier Exp $ - - 13 Jul 2015; Mike Frysinger - files/openssl-1.0.1p-default-source.patch: - Add upstream bug URL. - - 10 Jul 2015; Agostino Sarubbo openssl-1.0.1p.ebuild: - Stable for sparc, wrt bug #554172 - - 10 Jul 2015; Agostino Sarubbo openssl-1.0.1p.ebuild: - Stable for ppc, wrt bug #554172 - - 10 Jul 2015; Agostino Sarubbo openssl-1.0.1p.ebuild: - Stable for ia64, wrt bug #554172 - - 10 Jul 2015; Tobias Klausmann openssl-1.0.1p.ebuild: - Stable on alpha, bug 554172 - - 10 Jul 2015; Mike Frysinger openssl-1.0.1p.ebuild: - Mark arm64/m68k/s390/sh stable #554172. - - 10 Jul 2015; Jeroen Roovers openssl-1.0.1p.ebuild: - Stable for HPPA (bug #554172). - - 10 Jul 2015; Jeroen Roovers openssl-1.0.1p.ebuild: - Stable for PPC64 (bug #554172). - - 10 Jul 2015; Mike Frysinger - +files/openssl-1.0.1p-default-source.patch, openssl-1.0.1p.ebuild, - openssl-1.0.2d.ebuild: - Use _DEFAULT_SOURCE with newer glibc versions #554338 by Agostino Sarubbo. - - 09 Jul 2015; Mikle Kolyada openssl-1.0.1p.ebuild: - arm stable wrt bug #554172 +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/ChangeLog,v 1.671 2015/07/09 15:04:23 ago Exp $ 09 Jul 2015; Agostino Sarubbo openssl-1.0.1p.ebuild: Stable for x86, wrt bug #554172 diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/Manifest b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/Manifest index 70738c254d..406993c423 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/Manifest +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/Manifest @@ -1,39 +1,87 @@ -AUX gentoo.config-0.9.8 4135 SHA256 c20dbc096a75746746792a60b3551796c7d15f097b130f6163374ac5506e975b SHA512 5e53f623aff0960e8b462d62078eaf56d16f8894db7436e47a902be6c0f3ae680be281981fa542aeac169a84bc8f31a9b617c809ec30a776ebe3b2632c663a72 WHIRLPOOL fed064bbc3b5857f59e970b71770acfdc124efddf21116cb7c2b65781dfc640cf86876d3155037735809bd0e0b24bcaa008e10e2e757bb384b2a03f5d65172c0 -AUX gentoo.config-1.0.1 4870 SHA256 400fde9cee97e93c62690bfe3d5f434182e786f481dbac8bc0ed03e1d8587096 SHA512 0b18353e406c14f1404320ec9a61d0c2b0ba8649cadab6c672ef146c611a686bab65166f2772b5ea6b7b61a26d61a0dc011adb9bbbb3d29049979a9fd2df9a4a WHIRLPOOL 5ff7f4007838be90225c2b75135a401354d2649052631a05c0e6bd7431e7bbb22d5ae5fac7cbd4caae7ed882b19beaeb7e1985debb9f8c67f9b6e05238e21d9e -AUX gentoo.config-1.0.2 4905 SHA256 98a4c1e2cef5a2378d5dcc61f661300333a6c5c0ba4e3c82590f688e33117604 SHA512 4c13371fb7d0c33f015ed559951c755dabc35279c91d7490578a008087f62c1a94d69e309d4a113bf23e5ad7085e2eec5692152b3d7b1c3130cb64dc2a002632 WHIRLPOOL 64d9cc378ff32bb78a8d0edea25b6519c65af5faf3a7b22713bf19881f61385271e352814460f16375effeccc743c82642e8175aa2590f352b2909748513e120 +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +AUX gentoo.config-0.9.8 4246 SHA256 a38f4a9af890303d764b04eab64dd618b60599762d3ab3286b667c1ee38d2b75 SHA512 04ca7a9cb42762060216cf2696003d1087b1504e7f79278b0509b6a03da0bba0a13cdbe9fd713754379e09dc6bf0e7354fc1bcbaf8a7d75f4a400fe6c8868ab7 WHIRLPOOL 3d5524dda714eec5236b7d15e36c0633d75c750ba5555df2c5da59781cd6d0005f5810dad001758635def1894f27f83fde45e80f51c5467603c54a2b1389e22a +AUX gentoo.config-1.0.0 4748 SHA256 67ae024ebb87a8236a358a081f2d9b038eef2d0f432705d05063274e7af28b4e SHA512 c68b7eb3d07a3b619f6c3e5f508e594efe2991aef91d8904019f967c20a7e9e9604d8fce1271b5bc247856411e81a800eed7710da46645b9d5d9e5cb184ab99b WHIRLPOOL a849c1ea7d7d0dfeac675636e801dd050c66866f6327e6619f233ede0fc0e59f5f2f554f7812a0c33bd40d76a7ba85ca3aab0a00f964e971de97f5af11a527bc +AUX gentoo.config-1.0.1 4980 SHA256 e7dd01bc76f0262c91b0a3a56bbf0675feedd6d5c6e61f8dcb5e3c538b113424 SHA512 1900cf603954dc4213d84d2f1f10fb74310dd8134f9c1bcf5f633a45e2ab27398f51656ac2f4165f86be78b19283374689766e3a5d7b43e16afeff884f31a1a0 WHIRLPOOL 2fd9eb3e46a262509f46f5ee6cef963e0bf32ff2c2dc3acb2fdf890326b4db801c0c90814df6f206fc6bc8aaf1184eb68289beb33e36dcebd890bb9e2855545a AUX openssl-0.9.8e-bsd-sparc64.patch 1484 SHA256 8a79f022a17a7fadb4eb708538b41a7a034e21ad84162beb1f7fa7cff5eb487e SHA512 dbbfae5ce19a4247a6b1ca4a45ca6c15904e13e6bf603447cb5d9820292ceb411792e29db0001c5869e3c4cb0a8afe7fb64d35f007052efc68098301c2e81def WHIRLPOOL 36959cfb8a3f2ac05b28fb6c0e28574f0267ddb6f89471e663ee370a1a1ce3e6c85c6a637098acdac4644f4c20370e2775d9c2610ff03a5ae2a7662d79a60e95 AUX openssl-0.9.8h-ldflags.patch 1151 SHA256 29fe4b5e51cbe330451e505a5be9a74a3c83bebdca677848097967cf62f1770f SHA512 7f98c5ad310710aeceefd6fac440682bf2baaf41ce17de535add54af88c45fa0689e6e6c26bafb4fe2290fd3b6d80c51d85ffda1e276a73a3d66a319585aab11 WHIRLPOOL 43069cdcf5ae1b644a73292fc53c148e8356786069dfaadaba9e0f21b1adba5c14dbdfe061c4cffedefa072bc99d54b2af9a39b1063dcef7ab54bb45d01a7ce8 AUX openssl-0.9.8m-binutils.patch 684 SHA256 1e4475f7183ec237d129b686d4ca5265bf7eb34642e7d9e77cbe8ad9a97b4876 SHA512 5e8a20111bd4809e7375c7323dab2c2edd6a131d1ec2377ee99c5e06ceb7b4b000e9606ba6d0e68cd67d8e001cc8194e11e301eace0feb066d5f3c5b331b5f04 WHIRLPOOL dd4a0329e571e4f9322806fce2e6c510b978b68e5c6c64bfbe6993da16989c1a5451fe1e5b0509c0022925ca356cf3309799cdc204998107425fb016cb49da2d +AUX openssl-0.9.8ze-CVE-2015-0286.patch 9784 SHA256 9c599a0e5d174ac26f1957aac085d86941972af02754d4faa94994880e43bc60 SHA512 f7864beb8b7a69fb5be7e5455b7b38583cb74f3acf8a959454eab66f111feea13a37e71cdf6545718ab6b0f037bedc903b736c55bad72f09bfd49018f53f2832 WHIRLPOOL 6f820b1195c26d34ff0d2daa3c763fb2c2a4a93ed4c8fe16dcc373fa88f97f2d4bbc9b5fc253fe8178de0adcc4164fafcd886a78223b383b103a7cabad71a9cd AUX openssl-1.0.0a-ldflags.patch 1095 SHA256 17bb0b9988de0be6b8bb916d953d5d62cf054943f3bc24c5d7c8fea91d864350 SHA512 80c3677313a6268fdc2eb7b556dc081f1047694cf932a8669820923952bf0e3002da4cd92d6a335b44f8a6ece7d88319c15e9c0171118bfc03ff7a9b718726d8 WHIRLPOOL 55bc5d8f0ee620d8e56215572a6eb65a06ff9bf180d6b33f6db74e2129e5373252238772ba6db25293f398a6713b7259c6ae959b15ce8292da9aeb3071a34243 AUX openssl-1.0.0d-windres.patch 2912 SHA256 e5dbfd6af69bc3f69b51787cf1f6245207be9824dfffbdd9b4e278772ed8ab32 SHA512 d7a0238edea29aac7d20dca0778c67f8ae4dc0da190e5277e1b3519ae536f2c44533ac5dc1cbcd138bc4277ad669b13fca316bd962f26e2cb387f2ad3fd0111b WHIRLPOOL d62156820e55898d0a0393473c6ad8e49c5aa7bb9d3fc7043795de7102c3003d5f8b874c751e03cf832e306ac290790e871e1318bb830b3558a43e09be5b45b4 +AUX openssl-1.0.0e-parallel-build.patch 9055 SHA256 dc7b14a29d4efc26bf14c5c37e9c3696448826a639ebf9c8485f9f2ddd7efc9b SHA512 1c34083ae3b4833792a0236a6fc73d14056aeb4f4ad086be42865f46dc81a15f017f76cc82c5e8d7cc296f6c7826fb060bf5388cba1653dc7d1fda78208513c5 WHIRLPOOL 5d31f5fdbddad7869912762bb39bcb0e93b0cfc81f3e3a5833f35517349662b9c59369524a05848fde92be600e8decc486219913a0ca3ea27761736cbee96ead AUX openssl-1.0.0h-pkg-config.patch 1363 SHA256 dbbcc175f02e5edced01a13dd1e7d35dc4322c0970f78a7fd781a6c0766886af SHA512 c2f7a68c96098bd742235a40f27d6b1e5a0ebece53ca32dd0be74b85210479064efa1d5dc76e457b786067185768492fab2ed53762a22c511c2a2e3d43ed137b WHIRLPOOL 7f795dbed2124d8d2d126886d106675662f09b8e79c70fa2af3298486fdb75b7f1285dc17a53daf985bd4af1e58c36e13e49f46d18af860f0dabad1b3898c3b0 +AUX openssl-1.0.0r-x32.patch 3851 SHA256 a6cfbd7b761b25fedb287f3b3b741a1c0fcff8ae3bc28da0ceeb7cd2d6cbb496 SHA512 3f5cb466367b32779fdb0a2e09cba85f28395884bf5872802b438f565b4da3c0b54db18553d4952c40009b91e2b02f84956ef8a232dca49db76ff5d370ae4e05 WHIRLPOOL c9316c6b4075d1a4fa1580d49fb6b98dbe41c9846ff2788fd1259d780a56fa45104b31a7920374805f565bdd35488bc4bff4ddb43a1a67538d4d59e744840fdc +AUX openssl-1.0.1-parallel-build.patch 10614 SHA256 f3aa674880ffa53a891d3f9054a1ff162c4461b3ec160a365990275907636259 SHA512 439015b3b007adfbab047a1e3e12a9700030779a593bba1a30e9554c7c02eb1cffe9acb089546954e87163847cf86b13130abf9646eb5d00a2ff725b534f84d5 WHIRLPOOL 673f6f045765effb9ded607bf8116a81e7bfeee78ba0e8a34892081c272239a2b75fbb14f4c48b61d93593fac8e1b1e8bef7223f4cc64e8443e19c8f337ab6bc +AUX openssl-1.0.1-x32.patch 3273 SHA256 a4f05b8757e225a05a9c5a3ea485159066760d878c9ee54c4eaf61760e33c6cf SHA512 6bed57fe2fbe2d0ced1279b53804d94426a679d5d6b80ad7d0ed18523a7fda397e02038032c08cdd4e6034f9ff6e82cad365ff2a724d49d91467cf2b77f47752 WHIRLPOOL 1366632e7dc1c6e54efc5b9791bf24833d20e7a61ca29aa38d31b5b9629febf926a29742e370b7cd6767c810c0a1676100ca9169f0d836dfd19ff0b2c29e49c1 +AUX openssl-1.0.1e-s_client-verify.patch 592 SHA256 6f540fce663eefbe68cee16ad7d8d561d6c898eeb4180c2f4a4caa7e43c6d0c9 SHA512 117b1017e1259667078d3ccdcd9fd46357c6f85cf2702794f49c612b37acdc044fe88f871dbe46fcad9ed4cd8aaaaee800dddb5286203322802efd7549a43b68 WHIRLPOOL 70a4cc36b1dcb24d7e9bcef016684fb2394977f7f20aa332ebd0aa15e3f4c16c74563d2fc0ba8d70669f6cc9a13bf8a30cdb28ebafe2d102cd2859a4e32c38d7 AUX openssl-1.0.1f-revert-alpha-perl-generation.patch 3102 SHA256 6e502275b32ac0eca80f28448ae1bb88506f9135258f420fd857ea0b9b485778 SHA512 c80439da3d268e70fd492d0ca73c0a17ddb088b9330610794a338d1921ee13dad9caca4c81ca103b82a7541c8712f77e51f352ec1b1b02789d9aed291acb0cdc WHIRLPOOL cb760366c8759b1c78c5307134bb48c4fc12b1556276c2ef55455ea54725d20cb433ade966a7453f512d2feb5ae89a9798078ab535e4605366633a8e003c7ac6 +AUX openssl-1.0.1h-ipv6.patch 17788 SHA256 7adeeb88cc544f8b210efbe2baff48fccf5029b582dff7010ae70e0e1f097d7b SHA512 0f0990d4294abcb5f3e51c84080883046a054c710b57a23f99b3323727d5e9aeb5ddeb6b6c2565b4be364f7c21419c90ce5288154e404cd663678f87e0d1c259 WHIRLPOOL cfe7a2e141a4a6252ffcfe215b16dd1082bc14a757dad7eb01bb9819de41ef0ee51a4b2dbf110c27b52e483341c337bf4d1f77f4f9f3172d2fee9e348c30af7e +AUX openssl-1.0.1l-CVE-2015-0286.patch 10790 SHA256 3d234f4b7bd79b7de1a6fe2f42016531732c81dcb73af45edc5b280858d32cb8 SHA512 432a9e556df26e3f0059f53556dbc088cfe7e30e2c38354e7a7879bb4db204330702ab8050b9b31b3ef48badb8f0abdbf047445b71aa0c4c96f5aeb0bf16f9df WHIRLPOOL c4834efebdca3bee769819fee40099f2d83f4282db98a96da853164dae2639adaef18fe3caf87801f52e53b47752a99fd693aab66239e30344b714119c4c1c7a AUX openssl-1.0.1m-ipv6.patch 19626 SHA256 335bef8cca314593a71d81d9225ec81b95fcfc4183cffb1846d6247e907b53fe SHA512 924a5d1925a8d0c62d2615a05ce76dcb83046ee02d578097eac0bf0145460d97965c974674c6340a08347261440cf0d67b8fe9b6ee8a2853774596dc7e1e1dba WHIRLPOOL 82ffe7d315dcd8f903633faad00ef03377ca9d451b9dc045b4ce51222dac3314ea17fc7a6d468115b4ebfa98ca2b7407281e7e9abe4877da123201e32fd632b3 +AUX openssl-1.0.1m-parallel-build.patch 11132 SHA256 87e9694d79ca6cc85a140e67eedf056e8d57cda45d904bc4445a52e810bba161 SHA512 4f5bde6deae9fe609f248eacb7f2d09276371a608508a3edf8032026291858767feb47d03b6233322008b40dfe5399a3bd2780186036311eae83fd417fe883fa WHIRLPOOL 22698861059f95f134ccbbddd23a39e5260015482e626a046183ffdc81948893e685da7e7d1f95dad5b9f78acc2399fa9505bfe7be87e1464dadc6c6f2eaf4ee +AUX openssl-1.0.1m-s_client-verify.patch 803 SHA256 bac4ce4d0ee9213dd63e95d8d6dcca11da6e4d4991c3005247bfdd34c3996e82 SHA512 a1b5fb62fce5ba33cb1aea889c4e726542c9d0aea701bd7ca2e9c2078746205305b64401f2e3766ba3bb49038f725c384d2d47ce19149f46cecd55b915c93cdc WHIRLPOOL ccfa8298a1fc0ba3acaf582bd80a7ca3932df197aca9cf9c9cc041fb8aa1512705faa1d8225df69a88bdaa17e2748bb686b1cfd76c630d2bd418e825988de7ca AUX openssl-1.0.1m-x32.patch 3306 SHA256 ef4be84cb0cdf7e9d551ddd87029f4c63ed833fe5af1de996ce9d770b0482c2c SHA512 365e8898cdfbafe89e5c0fd6859019314f63e14e5989e04ff392e5a95520a61c9e580136b5abbd8f7a4734e4c999155a73d68d1ecbd3fd46efebbbdf8d5e12dc WHIRLPOOL e7d0394eff912c5fb34f075f4a7491a207479ab520109f588ce89a15ef0b233567dbb3a5691ecf961fdfc218c25f09d17d7d28e8d117dc5befae4db0e9be2018 -AUX openssl-1.0.1p-default-source.patch 861 SHA256 390b6857e76cd0513a089ff3eeed60097c3b30bec4b004bb6adbb8eaab02dc4a SHA512 cbd47ae5553ec0e683a92171cb1c2e68d7eb0cf2b1787e3fe332ca2df0aefa31a1a74d60345d5e42d00bdda439019d089560cf2f5464dfe19ff7a3d6a310d06b WHIRLPOOL d734c8776c2d4f17a562f580f676de08bf35e07b04005f1c2a6e7f2752e3a1b57f6d771195f84d7d9709bf2e669b119fe3ae37e473de192e9c10a8ffb1c8969f AUX openssl-1.0.1p-parallel-build.patch 11063 SHA256 7644435a161d7fd6c8f13c887b7f9913abd90fef0207ec29b351c0623f978ecd SHA512 3ef5cda8516739c376a558d75eebd0722913ac0a96dcd4f799469a5c95396f6f703219fc29a77d7ff9b62d65962b8d2cd0b41507fd1ee579ec5e3a307eca0048 WHIRLPOOL c5bbaecb556e8a01ad264f1ee9249ec340f51d9e08054627bb9cb7da1cfb7a0c42075172615a4e588d5b8dd4692a917fffbee38f54c4f32ac4b648254798e404 +AUX openssl-1.0.2-CVE-2015-0209.patch 1282 SHA256 6be2b1fa0d440bc1c1b15da4a9d32811a04c3e7c701678eb8ee72454bbf87401 SHA512 db5b73c815582453d3231d49c9c24d60824e56f67a74f815818d0f90bccd485e98a98b449386aa297fa055b5fc27e2a058c03bc410478fb98051a729ac75b4db WHIRLPOOL 46ddfaff115622e2426c544e757bf882fc5069f35d169189cf277d90a5ad36c274beaf1ff89cdc593e2e5cd1593588c389262dce3bb6a166c5fd7eb908458fec +AUX openssl-1.0.2-CVE-2015-0288.patch 800 SHA256 613acdc06a22ec5cbc274cc39022b1fa1fd73e409551493bcab6d4a273983484 SHA512 4785d9c4620492c4997cbe7c83a42a9804a9e8c3d94e35dd7d3e6bd16f607a9b294b77123686f24c953e6330f96907008dccf1379648d806fa85bbdd20b81ca0 WHIRLPOOL 738831379e3c117f260306e2f39aacd51b895ed4bcb7dd0189f14a7301c09ffd4fbd882fbd05d7e71cd6c9524fc289124909e5fd2dcc23607fa4ce71ba3a0df7 +AUX openssl-1.0.2-CVE-2015-0291.patch 16069 SHA256 be4f9fa463a027e7c77396a8d3ddc1d6ad6c0bbc8b07c2f7af0738621c619710 SHA512 2ee10f21ce02f1c46ee6c446c60d4e1e3af05366769603f38c971018ce07341369db87cb050432d0501f152cabf377c03848df501694ea46ef2f6578d19cf030 WHIRLPOOL 1ea004fe43633b18c91a8cf390285c274b1c05d3bed313ccc6f9bebb92e0b313504f17d4fe41a643feedc626a8851c6e568b34b2d5bf7d62683e170f5c3e5301 AUX openssl-1.0.2-ipv6.patch 18811 SHA256 9ff3150c75f3f3e6a9773ffe54d90994cbf68cc919134aea68e09e7ed921763d SHA512 58e293f8f19a3fad08729b842dd977b73fedb0c49208d87a056bfea857c0e2b79a310d7d098c04429b65564fce64defeda6d1dcc3068ad5a80ef276db6421e54 WHIRLPOOL 36a0fffc7238011b93077bed94c9507f2ffc1cf199e6c06e94d01589cdc84a6568b9122e1a120b8262bd0a1c43f25169a29796c92a78338dd9f03b4cc2cdf0b8 +AUX openssl-1.0.2-parallel-build.patch 10661 SHA256 bc5622150a964dc2d9909f41557140b696ce1bdfa4e2b12cc3e0e51029ead32b SHA512 a4957304a4424016cd8a1c6552c422cd042d737e12f96235ec54d1e601ccbe8cb79d931ac8777d1a599bd4a70eac4e6700a24362f14fb04eb273df82f2de0d01 WHIRLPOOL 5b34e45dcb0db6649e26d275925ca008f5201afbc22184e15c5324513bc0ed40ee271a70686e10a20bb219b3c4bd2148323b317ead97cdc27a3c897c0a07d228 AUX openssl-1.0.2-s_client-verify.patch 648 SHA256 b6ca2278dd9833f87a1d0037cb3cac8aee0f8326ff13ece1f08a536b8545eb77 SHA512 78b09ae700096205582785584a268776af46fc5bc94a0faa1ce6087ffcc945649e69269ff7fa88dedd5df1a5cdecc53e885de1e39506470f23b02028ca962104 WHIRLPOOL 8e7c90d37c1736b4b2f2c38d1c12dcfee4996a50a2a7dd07645a0c0b6616006d11232dd0f88ab735833e1c46aa171ceb5e1288c3d57296010bdda59295de7599 AUX openssl-1.0.2a-malloc-typo.patch 1440 SHA256 f911737f715f8af87786cc46a196b78c7d9af0fbb4af77bff178dc817ee9d9c6 SHA512 5b4c9bcd24a80bcb17e21ffdd88b1a58f1794ae6069e773483ed1595022d212ace521aef3faa90df489b549fc60c0e871d5d711859a599b6373dc67af29a0c4b WHIRLPOOL 18d3e7b1df3b15b08aaa260081d54125c9f0cdc65c77ccc0ae5c642c5752fcb58e31e905bb1fb6c73736d1dee3f22dd1a7c399df8b3f6baeb47e9dbae5d26937 AUX openssl-1.0.2a-parallel-build.patch 9573 SHA256 db2dcdb27062923d2818f988787bb802c292053d1d8a5bf032800e658c7bd196 SHA512 eef70d7662fe1c84ea8a998b1b394900805a91ae371a99e45ea07725ac218ffd6be5b75add647724e1a6b5556884bcb4a5be31b97254fd62b63aeead7ff701e3 WHIRLPOOL cbd5822db1da8e59b604f502856586c7251aa31594eefb3cfb4c0aa6bc33587df6298a245b8f733486d7a3f053bb33ff29066725dd4430dc9f9b2c54bb5464dc AUX openssl-1.0.2a-parallel-install-dirs.patch 2013 SHA256 eddd8a5123748052c598214487ac178e4bfa4e31ba2ec520c70d59c8c5bfa2e9 SHA512 c3b97fa318b9627bcaf4f39d1615c46322c1081cded135af5b5115beb2be74ead46084119fce5643b12c54b6851c33bfb624694ccf6f3d32060b6d56239d3674 WHIRLPOOL 59228ad2796e28edf7508a3b3bbdab36f7b678922566a1ed43a86727371c7b6b8c362431f49812e7c60a9aa72134d7fffaeb7be0efb6b5ca0f10e1c716b6a557 AUX openssl-1.0.2a-parallel-obj-headers.patch 1359 SHA256 147c3eeaad614c044749ea527cb433eae5e2d5cad34a78c6ba61cd967bfbe01f SHA512 ac8224bc088099d72e7e6761303b8653766372bd027536951c458bd22fd0526163de22bf27675e0292a12ae7257a5c1edf26a92747e00cc139e13e1b624b4072 WHIRLPOOL 58b1de7c90ed96a077065ff6abfdeaffd98ce68cc9a2551dab7ff3d04e9b38be8d4bb94a6830f4e6c3d997747345c43f76c31f4c7b825f56fd488e85b9c6179e -AUX openssl-1.0.2a-parallel-symlinking.patch 2041 SHA256 30cb49489de5041841a74da9155cd4fabfbce33237262ba7cd23974314ae2956 SHA512 b87ab581784c285ef394b31baa1196a831a86c3b2d578704c9d8b80d68c70a8b19cfa88bd29b84578ed024135ae2d2ac4d622c91e1040074016b8fd104d6c05a WHIRLPOOL c8200ec6755efdce550afd2f59b3d5dc36324c6810b3ae7427af7130be9ba0db5857c13811f97dd6672230b9f096f81ebb4136c9589d53d25dcfe5c064355a46 +AUX openssl-1.0.2a-parallel-symlinking.patch 1967 SHA256 5be3c20d64cadaed7bc4e8e500e8a67faafded7fb326779620fdb29397c44d87 SHA512 ee6c057134b31a96af5ffc3558011f8f4ffda4a2ceb2967f32cd01b6ee0ce7b386fd195c19936923404da46c33eee38a2bab335da1a16b835ac9f9d02157bdf6 WHIRLPOOL daf64bf9d14b0516b4e9dd75d3b806b1e389defe604de9e0d19860ef10436b9a534d14cfec6422c85e9134998dfe9917d257730036daf813fce0ae7d1f6be284 AUX openssl-1.0.2a-x32-asm.patch 1561 SHA256 8bcff04217c5ad82448e27d14f3559a157c2cad89b5fb2b6af701fff1664f86d SHA512 fbb23393e68776e9d34953f85ba3cbb285421d50f06bd297b485c7cffc8d89ca8caff6783f21038ae668b5c75056c89dc652217ac8609b5328e2c28e70ac294c WHIRLPOOL 70163beaed966de948562c3a633828846d12eda7b04526c7e33746c67af5a20ecf47e9e9e5cce33abf7444676f4b15b770204e95db75d0b91a9db13c46ff92bb AUX openssl-1.0.2d-parallel-build.patch 9504 SHA256 deaf6f3af41874ecc6d63841ea14b8e6c71cea81d4a511a754bc90c9a993147f SHA512 9d81b0dd260c0622eefea2bd33a8b19806b372c39fa6197af1b19ce263ddcd4554dd4fc4ebc23452ffc8d0144bb7b8d4aeb19fd479b14220c08c3c53b895a88c WHIRLPOOL 4b9b7c1aa5b2c3a867dc53e417453e0cd7414510fe32b0392915601ed5e4a1ea6b5deeb082d0fdfae1e8a23f481fe7551bb29303a752a8a27c4c11d80c4a320d +DIST openssl-0.9.8ze.tar.gz 3734873 SHA256 ee3da602826e975b47e4d7af8a27be8258c160876194898c58881eab814b55b8 SHA512 6ab08065ab2cdf6699e462e2a082e6d4c21f027383e12d4dd1d0dce2a4073ae52230494215b3fe24b8a8d73f5f5dd3a1fe53c66acd8db6e162e4bf3636e229c3 WHIRLPOOL 8a5de0aed7b48007b3b8092726c9c8eb6771c49d388baaff4d7ba3591be0b1856cb17842db5bc608994b38f5d87a8b07a441c874523e577b786a4612bba7789f +DIST openssl-0.9.8zf.tar.gz 3822386 SHA256 d5245a29128984192acc5b1fc01e37429b7a01c53cadcb2645e546718b300edb SHA512 8a68f024c31b7de25e19732ad556a27d69cface8e7a546ca4221873053a270e5e36336626f7fe857bbbec5427204bddbb5fc9dea8d7a187a8db6719d970431ab WHIRLPOOL 842e5bc71a12bf363fe797e95faf988ae949aa15f8faee935ee8861e4093e9d4e0b766b24dda8d415f29d2ee2821050cfc3ce095d265d59574e7fe0af4024c66 DIST openssl-0.9.8zg.tar.gz 3826891 SHA256 06500060639930e471050474f537fcd28ec934af92ee282d78b52460fbe8f580 SHA512 c757454de321d168ac6d89fe2859966a9f07a8b28305bf697af9018db13fc457e0883346b3d35977461ab058442375563554ecb2a8756a687ff9fc2fdd9103c9 WHIRLPOOL 55ecf50a264a2ddd9b5755b5d90b9b736d2f27e0ba2fd529ccff3b68bbd726d1f60460182a0d215ae6712dbc4d3ef2df11339fb2d8424e049f54c3e904fcfab0 +DIST openssl-1.0.0r.tar.gz 4095201 SHA256 6538b33a1b95681c86ac8c5cc54d22835f0f0a5bf42ee6df4138c672d7e75f17 SHA512 a65292a7b43f7d0637952476356a95908b5843ca17f717158dd4d2171113192f04c92f4f9133bb4750172f06367dae64733aa239b90c52d4d9323f467012428f WHIRLPOOL 71c7d726a3a5d70735d4b34c3e00c15fa2ef8640801f8a265e4e92cf01db4a517630084dd7632850f3df6f4dbd848a3a7ec908a71db996a45c29f1ac53ac7877 +DIST openssl-1.0.1l.tar.gz 4429979 SHA256 b2cf4d48fe5d49f240c61c9e624193a6f232b5ed0baf010681e725963c40d1d4 SHA512 27fe42f33815a3aafff75f2b9a5604c328fe5945c5cecaca74e5d2c2a1e066d64ddcc1fdb14b54fc7523cc730ab8a57d7d56b2879c289e86673f91fee0cca65e WHIRLPOOL 79f5698585c68ba647fcdfc4b342a43d06d69230658ca1bc265dd10d8da939c3e27b9a4125bd2adfbf50002b1dddef18be086dfc23a5050e69fb77350131909f +DIST openssl-1.0.1m.tar.gz 4533406 SHA256 095f0b7b09116c0c5526422088058dc7e6e000aa14d22acca6a4e2babcdfef74 SHA512 f37b60cb4449674d5c06a4056acc3d11f1c9773da6111148fa3fbf8d14362ba1ff5eb5e0c0e06c2b5c84543b2b974584617e393ca83de2230cbbe69b52975afc WHIRLPOOL c33cc05debc31d5044be4de58267e1a07281f28f9d68f4288d3da1c3cdfcff6939a47abe1f50b377272d0dbd9475ae5fec84919b0c53d37e0bd3d94c44f68c91 +DIST openssl-1.0.1n.tar.gz 4545564 SHA256 3581a405ccbe0fd1f6f17ea41773f77cdd51db55c01e1b4d8549e519882c6caf SHA512 439e37879e379b77ae0e912222771ac54c0dcc4ad187b8e2eb6771df6cf71d56c4369931f4e16b8922b9d4a22e8f0aa9802c6828b8406fba7481426eade628aa WHIRLPOOL 8c08fc98863c444db3c1fee6970d1866123b7a525f4fe303016c0cf040351f7cb71f49a00ac1f1948ae9b7edaf9a4e5664814415447c8a88d4c49fe9014411d5 +DIST openssl-1.0.1o.tar.gz 4546659 SHA256 16e678c6a05f2502811e075f2c4059ac01c878d091c9c585afc49ebc541f7b13 SHA512 dc05fc6f47239330ad0c36f27049f02752bb168b7b1234b12760e42a920d41dd47d1e652dfee897b4c99729308fbb59cab80b93c8614acf498215a8b80607fbf WHIRLPOOL af7505625730ea6e59517289fcc6044b24e0826b2538463f36e876ae96ca7d591627ca09386e6a69e8234df88fec11fb9e2a098c2f6996592a0f74cecbf4af30 DIST openssl-1.0.1p.tar.gz 4560208 SHA256 bd5ee6803165c0fb60bbecbacacf244f1f90d2aa0d71353af610c29121e9b2f1 SHA512 64e475c53a85b78de7c5aa71a22d4bb3a456142842373ebf8f22e9857cb0352b646e591b21af866933baecdbdb5ac4a22aeb64914440c53a0f30cd25914029e5 WHIRLPOOL 2a81f3b9274e3fef37a2a88e3084d8283159b3a61db08e7805879905c87a74faa85bc6e570d18525741bd5c27c34fe09eeb58b2bfe500545d0f304716e14f819 +DIST openssl-1.0.2.tar.gz 5265809 SHA256 8c48baf3babe0d505d16cfc0cf272589c66d3624264098213db0fb00034728e9 SHA512 dea46225a5445edc4986b02b99fbc90153819374b9a9bfdd892b60cd18ac7fefaf21a7e9d2bb05d0e3bfa4d2704e0ee24b06cc8e7081a542d7598cc9e73c67c5 WHIRLPOOL fe628a38125390deb75728b31427c308efbf65637a569fd1f139f6313fea533514ef05bf3d01bbdc793f77eb259400c95c53074a294d32d73576939d16f22e25 DIST openssl-1.0.2a.tar.gz 5262089 SHA256 15b6393c20030aab02c8e2fe0243cb1d1d18062f6c095d67bca91871dc7f324a SHA512 02d228578824add52b73433d64697706e6503c2334933fe8dd6b477f59c430977012c3c34da207096229a425e1dcb6f3ae806043894b5ac98c27bbcddb794dd4 WHIRLPOOL a590c71794f5d29b80afa28b18621b7535e96b714b3690d793c1422a90b09a89cbcb912841d400c5982a8197bb02c13051190e96ba0e4d530509b48b43067cd7 DIST openssl-1.0.2b.tar.gz 5281009 SHA256 d5d488cc9f0a07974195a7427094ea3cab9800a4e90178b989aa621fbc238e3f SHA512 563eb662113668bb9ccf17a6e36697ad6392321ac1a32aa2cada9d8f4047651c2fa4da61f508ee3e1834fea343dbba189e09c1d6cabe5d1de5e3e6d022c31f4f WHIRLPOOL d828dc76842d25f02f211031b3ab9a2a8fd44975e9aaf87d0fd5fca9935a27b61c3e4f896a2186194f1a7b4d668fc48cafc5be9f7c670017ba342ce40113935f DIST openssl-1.0.2c.tar.gz 5280670 SHA256 0038ba37f35a6367c58f17a7a7f687953ef8ce4f9684bbdec63e62515ed36a83 SHA512 2a68e8b017d0d3e34e4f9d33b77abd960b3d04e418f106e852684a2ff247dc8ea390b7d6a42d130fd84d821a15e84e77b68b3677433433ef5c10d156333b9dae WHIRLPOOL c59878c3bd5e8904913b97d71a15ef1eaafcfb4eb58c691ba4fb38bf81752308d0ef4a902e53aec4c6e7585677f2404d29cdea0832d14206fabf28d744af2622 DIST openssl-1.0.2d.tar.gz 5295447 SHA256 671c36487785628a703374c652ad2cebea45fa920ae5681515df25d9f2c9a8c8 SHA512 68a051e92aaed0e7a8b218c185427c534c32f30f50c45f5d2c1f5b7a26d1416e83863d2953c77486acde3b636a148f39faf48246d28a207607ec069f62b13d75 WHIRLPOOL e3d8f0784903c8d6aa05ada7b8b410517c99157a3c2f4ac34c8a9d80c77408bd6ff9e820ded47f6223ccac4a77413174aa625303166ec28fdbf8374a7d4659ec DIST openssl-c_rehash.sh.1.7 4167 SHA256 4999ee79892f52bd6a4a7baba9fac62262454d573bbffd72685d3aae9e48cee0 SHA512 55e8c2e827750a4f375cb83c86bfe2d166c01ffa5d7e9b16657b72b38b747c8985dd2c98f854c911dfbbee2ff3e92aff39fdf089d979b2e3534b7685ee8b80da WHIRLPOOL c88f06a3b8651f76b6289552cccceb64e13f6697c5f0ce3ff114c781ce1c218912b8ee308af9d087cd76a9600fdacda1953175bff07d7d3eb21b0c0b7f4f1ce1 -EBUILD openssl-0.9.8z_p7.ebuild 4938 SHA256 bc585ae3f58a44d09f10fbc5c9b0f71db429146c1fa23e2c363e4e871f60ab39 SHA512 b60e3333982c6f9447b9b8e05a1aa260f79e56f1a8055c3ce42817d8b1605024cdd449b4b5381a4c2cf587638b7057b36bb1fb862a7db96189a5a14f8d08bade WHIRLPOOL 50a7fe8a5ef76178e2c94e249b5acae00c9afe50229062cc8f49b87433c62e0c493b6feb2cea377395c4d4e88c174ae5c283b4b5961838bb0ab92cee07b7bd77 -EBUILD openssl-1.0.1p.ebuild 8708 SHA256 12fbb97613360ad2bd9b5088e4fed26c2cafdcf9202639ac0b0169c2f182089e SHA512 a13f64251e5b731e340a273ca936ee58101d9327172268b24571f5f13f903a7a7bf13f3de40c0f0fbec0fe5f81a01026e451cc41038721387d84ce441b08e5f0 WHIRLPOOL 62999198638888e6bbb3d12e633306e7960f3a47500774360cf8e118107f7c724c48f01e97e360a74c3544448b7f49850daf367549b02eb23326ea622a00bc0a -EBUILD openssl-1.0.2a.ebuild 8975 SHA256 6a89c480f37dc4b910e678740afb4283d358f6cfd2bf2de0ac73fa26ae43f20f SHA512 185f31d235e8dfd0bd0c9a8c6ecbc1d4f0464862346d9b46c7bc39731f211596fc8f1b725e54af2a7de939b84aeab166d35456308ef48b9f8202abe88b9fa97e WHIRLPOOL 547521747e4a5bc0b406bbd74b45d1dce4ea1bf6cd0cd47221aafd9784942b41e9891c3c3b4e934b22546324d4e361d5cab78942c77bc2eee9359aba2bf98b13 -EBUILD openssl-1.0.2b.ebuild 8856 SHA256 0ab19a1058f701975572a1ddbc046d51586d050c861bfb4b4e37757181ea24f9 SHA512 091f2459f0a77fb4781d850b7f921dd387e80cf47a32d6ce56df0bfd736c653ae315d62b78913233a574361a388cc500c9e155b7cdbf89427da036fa75c6e336 WHIRLPOOL 8b39fa91b3529a7d931a4bc4b406a99647d16b87030117f9e5c5deb9793a971eeeb1a4cc91858a0d63d95f0e5e3148589705b0b3335b82843120cf5c0e28d729 -EBUILD openssl-1.0.2c.ebuild 8856 SHA256 0ab19a1058f701975572a1ddbc046d51586d050c861bfb4b4e37757181ea24f9 SHA512 091f2459f0a77fb4781d850b7f921dd387e80cf47a32d6ce56df0bfd736c653ae315d62b78913233a574361a388cc500c9e155b7cdbf89427da036fa75c6e336 WHIRLPOOL 8b39fa91b3529a7d931a4bc4b406a99647d16b87030117f9e5c5deb9793a971eeeb1a4cc91858a0d63d95f0e5e3148589705b0b3335b82843120cf5c0e28d729 -EBUILD openssl-1.0.2d-r2.ebuild 8796 SHA256 bd972e5f820fb9e567c7ccd9a3e185569243f48fca49f17a2303aa9c24424c0a SHA512 68b8d6e86f7c9af7603f5ecc1d86ad12d0b2e63ce711f9c512d0aa0236562e769b89a234adb934aff4a844155b217a77f7c596b164c5f90cd051ed0e8d39da0e WHIRLPOOL 519c2ca87c4aae11237becc75f315a409167eed76e853cf61d0fbc2848449efe665152ad5a4b4b498aa0b22c7c65f385dd307870d93f9c0a663a2f3b62a9220e -EBUILD openssl-1.0.2d.ebuild 8912 SHA256 5259275210d0310711cf3c264bd5f336948a9cbaeddf61580aaeada02c53e8d1 SHA512 c84ac3bdbe859725608493911bfae4601672979bb1f9b5788b624ed0aa33265fbd7c7b6e51b5e1c3ba70d8d546baea91b88df9d8319119dfaacc1c9f352def62 WHIRLPOOL 0fc9d99a530e7a47f9ed1923a669b8aa76ebe3d3232ff8d55c03acd6e9ba43ae19312b2e5c853384017d90de11ec78438011eb63382a266aaffc066b586cf85c -MISC ChangeLog 105012 SHA256 78da8e54f925dd55fa0e87800ab2e3ad9833cb33f6c334a4364339195d44a8a8 SHA512 fa8deec570b40406f273a5ea929f10113d81d828815c67f225968bbbaa6737f6c4832502a100b06fe6c8cf124529fedaa04cbaf7a70f037680a420ce244be1e5 WHIRLPOOL a2acbfb3283a9521492b4b96d9d2283aefc3445df87e47e584c66f87547cfa954914beaddd040c7097fded7029897f9481cded1d1f2d1ad7fa7b2e5425b285ba +EBUILD openssl-0.9.8z_p5-r1.ebuild 5108 SHA256 d32cbde07bf210f2c8cd049400aac1a4b978f65b329869f0b21a0a09d80707b3 SHA512 fd5c39321e7999791d5e077b2298f3fe6f14378f5f5883491528684eabd69a522e4c16fbf832284258d24a8ba90d2747320adc040b87f2a30e439cf63a9d2388 WHIRLPOOL c8e2a914555839ae67e2111812110969a4dd627a79643c242d9762ba8d6648d3a52edba546089f61b7cf7f0f0b5e228cf6000cb949a6989614f879133191cd3c +EBUILD openssl-0.9.8z_p6.ebuild 5050 SHA256 74e5cb01471dee2b835c355534aaf027e3618b818e07137bfc4f85f43e2edd5d SHA512 bc50b8f71b79c8f6f70d0ccbf0ae54dc7fc8823c1b02b543942c623e028681791a3cbdc8519b54665548f44d03ea761510bac546b74708b028da05173f951c93 WHIRLPOOL 762699f9704f4a75caf72ee9f842900a34645e3483dd438b47f892ddb6b7d75faf8c4eb945ad53aa11f26b5bfd59e4505e4252596b65220ae381ce3b9e80468c +EBUILD openssl-0.9.8z_p7.ebuild 5044 SHA256 38501b817bf3be5856b49c4f3e35db1bdf8636d8191b4657ec17e775fcc2f6f2 SHA512 b50866875aa0046c4a1fc65733d54686b3fd8622d53066ac6b6cfb8a242710152d2b3c797a3f05bcd45e48ce2b3fb36957db6c1101067744ff21234c2150a9f4 WHIRLPOOL d86404800dfa547c1babda6f7932fad48c8dac1222f0736857dcf6829c527d565cef0a44376233c562c51d48035692f0d25f689cd4142f1d988b8e05b52e1cac +EBUILD openssl-1.0.0r.ebuild 7105 SHA256 9a73119cf74c7e219a4a25edfb3b8510f46a97b5d54524dcf2e4bd10d1a80483 SHA512 5f55cba93417efd5a3d034d3f45df087fe3301ab87d5e0c9fcc601f2f3e7ed22f83dace214c131275f440702936523b84abe0b7c3845513800444a3762ad831e WHIRLPOOL bdeb464e6ad334878fb01a41ce2ef5ca1b293aba8a06ba5e693ad5f7ac7b0d483c75024a8cc9523b08d0ad2ddad2e8a0092a9d38b1a7c688ee607dfc2db7fef2 +EBUILD openssl-1.0.1l-r1.ebuild 8880 SHA256 eed2ddde72a8e8d33027839ea595c1cac8ce93168db7aaa11ec909de1c89f6a4 SHA512 95983b1fbc937baa686b4265abf80b41c804946a8db15b1b1e7e282b408d61ab0d7c69c1970763b34a45876a4c822a662fafa47e976df797930d75ac458f7330 WHIRLPOOL 11d26c49e525bc162cadf7ab7ea068f480b21e9fe7e5b61eb8552c050d34371f5d4cf23257cf07c42b152dfdca0efbf78441f9942480bedf4b2ba032ac074903 +EBUILD openssl-1.0.1m.ebuild 8818 SHA256 f5daed0b724e5a73fcdaaa9def311b64475006ba55d87628a6c8e693d0a5dfe7 SHA512 3deac87033d029a4fa55e8b42ac29603efc5272c788652adaaf0de17c45d6998720a8303a2ec54efa25e0f9ff8e08bf6c5f168deebc15ae76eb10e43cd8f4aa1 WHIRLPOOL c5c3a221063521f6707a786918247f12d1bcc6b421da0e55d836e38756191b812b8353775d95cb12520bbe8c457aa7ef1bf861c09019247b3a61c237995c056e +EBUILD openssl-1.0.1n.ebuild 8762 SHA256 51bc3205eef93b527e42e3968f0bc047733a72bc6bc57cc12a0eceec5045424a SHA512 2ca15f7219cf16882432b26454566cea07f9a62f8d2aa0dfd798b052d6bb0825599742e26be2cbfa30c09f498cd1b84ad68856b80badea51e797f55b714f9a41 WHIRLPOOL 0890622e0c385fd4cabc5f300e56a4c8cda121a7d5fbeb34aac966d943726191b7f2a58d8f813923af3d6e159563a6bdf26522cfdc8a5f27e7ba64d624afa54a +EBUILD openssl-1.0.1o.ebuild 8751 SHA256 3b74210ffe7aec3d7322d0300f7be6f492ddfc5acb5808424794025e8fd16ddb SHA512 5eb0006829420df13c501c45e43e17344757cc6f1d1713ab439e648d902daff49ce8eb3564c7d5788d715d88c6371c96cd61a073c266c74ef39c1851f50fe2c3 WHIRLPOOL 897d0f38e7904be97bbc2fb12c944139f5cf506a1dddafec49a39cb05fc61dbf7a9783f5341670c642bf727b4aa9d712074fe7d4e548547ea05270f6b9db8a14 +EBUILD openssl-1.0.1p.ebuild 8757 SHA256 488e4dd5e97b418a242e1bec492030f93bd25076a31fac38c1aa42845a4646f8 SHA512 7f34a17ef4155e18031b47778a562afb24362fb4629b5fae7d23c556d5d55a79cf517731284459dcf991e2791f614e3faf55abe7efb663523d268b63c811ed51 WHIRLPOOL 820d1187730de7c9e3e6b7417dfd5cd9d495008af814abd224eca89397136e7686faa459cafe8942c66173e264a16b9dadffa74e37f85258b3dd1489bc24f8b1 +EBUILD openssl-1.0.2-r3.ebuild 8925 SHA256 16b32e6b3a83e270e067558d29a80578576e23adca0f35a5a4176492c32170cf SHA512 25ca31b089457de899b1c2ba409041f4b1b866830aa27ac5b62e344f6141e4587d54d5c1d7e5530c3df36e6093613c8d34a0d7e96553f3427f5c374e498621dd WHIRLPOOL 38cf25a45265d8f01973f982c5c7bb16df6bd5e7ac4721f5aa84e8c95a066284ed538c688489bb06af7067b07bb1590ddcfee5be31a82aeca82f46bd25c04219 +EBUILD openssl-1.0.2a.ebuild 9081 SHA256 a19ab518fdf35f21e2c8e57c57dc641784ba367741a17358a4645c7659822ce5 SHA512 fbe27fdf9f9c9160b4687f83f6836f0c4f43cedc0e0a70797fa33c803c6e9cd6cc6260dc406c0449b9bcd977e0175df836abf9498a33a8192040e0bb5275d15d WHIRLPOOL 98c4cedc4eefbf809bf2eb8fc885ea09315ed38b0aa9816d942afd78f4c6497b3114cb21f8d5d6746b95ec3c8f61625eda1b00abb0ebd7877e8014f8b01c1dff +EBUILD openssl-1.0.2b.ebuild 8962 SHA256 d5f36d48b98cf1680d3c221e387eda1150d85d5479464804ffa0d821ff765e7b SHA512 dcd83b5fbf3b411cea86bb4b40a27e3e836b01bfbce5ba71a923526f720e0a1155af5f5e42c540210e3d1b55783897cb8327b62086254903e954631143eaca38 WHIRLPOOL 8ada7f8cf76f95b64f2388659e2fc4d2f0dd759445769324f4ffbbb68874d093631f776ee9e300e8a1ab4a5dd2387ef6594caf6b2e7b921d009a8a45b69a0a78 +EBUILD openssl-1.0.2c.ebuild 8962 SHA256 7fac06c39a2d187c647d71e178ef635a33654bdf1ac90a4b87cd0575d7c0db57 SHA512 0d9bd3558ad0b4a69ec836dfce6e3021dc301de3bbe1bb56f0f30d647bf3e4734160d11183da23be0249b8a4d8db13c116792eee16520c11a8e8c7cdb1c37bde WHIRLPOOL 68a81b58fa53b479c56b4a227933631212d674bfa8639c5d968702df12dbc74b912c8c679946ec146293e1226ce89afc51ba36ddc49c026c0570535ff4a261b2 +EBUILD openssl-1.0.2d.ebuild 8962 SHA256 c83a55667b9a6fde9e3e9b0eef29e962ac735bf6ef75422f3c30e3c309a69855 SHA512 42b3fcb5b6b6431b5271e254e8d86b11c3b819b9f991f777c1669b32e9c7ac955f3117cd36d7e0ede04cb24b243e0f3a025186e6ffb77be7ddd9da885debdb24 WHIRLPOOL 07fbe154decfc020beaa0e8c20a9548c50fae673e4ad9bed999764a8446f044c7be134af70d2c59ce2d0d03e47d7cec5d6ef09cdf746c73d38d273079ef44646 +MISC ChangeLog 103807 SHA256 429b89eef0e497ed8a8dfa2fcd3577efbdc0b2697756fbe8e6fc290992ad05d0 SHA512 6e0f28ce77b27ea0e53dc39d0e893bf8209a71c249707da10bb823fe73b60f4955df12cba1bbfe286a4e35c2bba7714cce015912464b5783784290cd31224f6e WHIRLPOOL a3e90c29c892825fd50937524bddfca9f51eaa38f069576e72d2736a0a05ab9abae2472d834cf0756fae58e9f8104a42803c05b70fb952a5319ddac85154eadf MISC metadata.xml 730 SHA256 229ceddc7f42d44d7cee107774dc210810cfcf866040306eb95e1c09da0279fc SHA512 31e307f60d08e38d39892f13f8d7bff9b530bf99d489983d224c9a0d061593448732f2a60beb70abc560672b49347567e20ea5692892274882bf4e955cbd52cd WHIRLPOOL edbcd6c8010d6282a798faf68279bb5a74420588f339ee2c59d110546a61d2911b30071bac8f7e2b60b33711d4d13b5226c6b5a195aa458ab8502fa1fe520c90 +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2 + +iQIcBAEBCAAGBQJVno14AAoJELp701BxlEWfib0P/RQc/xioS14zYK3WMDP7CAvn +J0jGtS7y/PBIlSnmKnjDjf/ysTlITtVmbZY51+rrnZc/+FvrIIF/BAjwU+gwTD/J +gWM8O491e6Y3XtdGEDZNvY0fbBmwp/ItRK9R8rFC/j3zUnnP7F1VALz6A+Xq48Cq +kVOqjNE8LUXuZfbUqeptyz8p+K+rc2GHkMPb0cdiRIx/alqFV+ifrmK2A0HXv/jG +gqnwUoWHeLflrU6nWUMz9ToDfeL4Bf/9kIC9BTHkJG+rZr/b7d5UhJRbs9FjZYH2 +0zF/sK9c3KuUDLGUMLtUjzRBPceEkqHETrFXPYtuaDi029qdWbT7hYKHWEvP2iXW +rzsZgNOBWK1LQIdAfuGguBIUQ8umzuHG33Gp7kgJMtQKMbPVvG/QwrcOQH1VKUX/ +eZdQdb8rXrQHpwz/0AjlDBeIXjBUb4UYj5/5g1BW+em7JzAfDcxks7+5W/0apdcv +PnpkAQHea0X8AGR+Sq/4y0aiueV/SAPVwh4MV1zTHaNfdzerHZ9z+QMSS/nHqcHQ +2RAxT2cqtkPlUstp2sGgGvEcHB5ih8VuI1Ti0OA6B/N71q6e8fxtvlyriDNHWCqK +b9kZeOVWMas4oTqbfkBUVWDtFs7+L9DXa5eFA2iHs8q+89nh70642cc2uZsJ/wDZ +HEUnd/f0f6H4VOuPFsnV +=tepk +-----END PGP SIGNATURE----- diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/gentoo.config-0.9.8 b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/gentoo.config-0.9.8 old mode 100644 new mode 100755 index 20d88a7d2a..69bb6bc0a3 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/gentoo.config-0.9.8 +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/gentoo.config-0.9.8 @@ -1,7 +1,7 @@ #!/usr/bin/env bash # Copyright 1999-2009 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Id$ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/files/gentoo.config-0.9.8,v 1.18 2012/05/25 17:41:21 vapier Exp $ # # Openssl doesn't play along nicely with cross-compiling # like autotools based projects, so let's teach it new tricks. diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/gentoo.config-1.0.2 b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/gentoo.config-1.0.0 similarity index 90% rename from sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/gentoo.config-1.0.2 rename to sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/gentoo.config-1.0.0 index b3f6cedfbe..0c479f1692 100755 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/gentoo.config-1.0.2 +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/gentoo.config-1.0.0 @@ -1,7 +1,7 @@ #!/usr/bin/env bash -# Copyright 1999-2014 Gentoo Foundation +# Copyright 1999-2011 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Id$ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/files/gentoo.config-1.0.0,v 1.5 2012/05/25 17:41:21 vapier Exp $ # # Openssl doesn't play along nicely with cross-compiling # like autotools based projects, so let's teach it new tricks. @@ -16,7 +16,6 @@ if [[ $1 == "test" ]] ; then "arm-gentoo-linux-uclibc |linux-generic32 -DL_ENDIAN" \ "armv5b-linux-gnu |linux-armv4 -DB_ENDIAN" \ "x86_64-pc-linux-gnu |linux-x86_64" \ - "alpha-linux-gnu |linux-alpha-gcc" \ "alphaev56-unknown-linux-gnu |linux-alpha+bwx-gcc" \ "i686-pc-linux-gnu |linux-elf" \ "whatever-gentoo-freebsdX.Y |BSD-generic32" \ @@ -27,7 +26,6 @@ if [[ $1 == "test" ]] ; then "hppa64-aldsF-linux-gnu5.3 |linux-generic32 -DB_ENDIAN" \ "powerpc-gentOO-linux-uclibc |linux-ppc" \ "powerpc64-unk-linux-gnu |linux-ppc64" \ - "powerpc64le-linux-gnu |linux-ppc64le" \ "x86_64-apple-darwinX |darwin64-x86_64-cc" \ "powerpc64-apple-darwinX |darwin64-ppc-cc" \ "i686-apple-darwinX |darwin-i386-cc" \ @@ -35,7 +33,7 @@ if [[ $1 == "test" ]] ; then "powerpc-apple-darwinX |darwin-ppc-cc" \ "i586-pc-winnt |winnt-parity" \ "s390-ibm-linux-gnu |linux-generic32 -DB_ENDIAN" \ - "s390x-linux-gnu |linux64-s390x" \ + "s390x-linux-gnu |linux-s390x" \ ;do CHOST=${c/|*} ret_want=${c/*|} @@ -82,9 +80,7 @@ chost_machine=${CHOST%%-*} case ${system} in linux) case ${chost_machine}:${ABI} in - aarch64*be*) machine="generic64 -DB_ENDIAN";; - aarch64*) machine="generic64 -DL_ENDIAN";; - alphaev56*|\ + alphaev56*) machine=alpha+bwx-${compiler};; alphaev[678]*)machine=alpha+bwx-${compiler};; alpha*) machine=alpha-${compiler};; armv[4-9]*b*) machine="armv4 -DB_ENDIAN";; @@ -101,9 +97,7 @@ linux) m68*) machine="generic32 -DB_ENDIAN";; mips*el*) machine="generic32 -DL_ENDIAN";; mips*) machine="generic32 -DB_ENDIAN";; - powerpc64*le*)machine=ppc64le;; powerpc64*) machine=ppc64;; - powerpc*le*) machine="generic32 -DL_ENDIAN";; powerpc*) machine=ppc;; # sh64*) machine=elf;; sh*b*) machine="generic32 -DB_ENDIAN";; @@ -111,7 +105,7 @@ linux) sparc*v7*) machine="generic32 -DB_ENDIAN";; sparc64*) machine=sparcv9;; sparc*) machine=sparcv8;; - s390x*) machine=s390x system=linux64;; + s390x*) machine=s390x;; s390*) machine="generic32 -DB_ENDIAN";; x86_64*:x32) machine=x32;; x86_64*) machine=x86_64;; diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/gentoo.config-1.0.1 b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/gentoo.config-1.0.1 old mode 100644 new mode 100755 index 24c995a04f..4d184936c0 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/gentoo.config-1.0.1 +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/gentoo.config-1.0.1 @@ -1,7 +1,7 @@ #!/usr/bin/env bash # Copyright 1999-2014 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Id$ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/files/gentoo.config-1.0.1,v 1.2 2014/01/17 04:27:03 vapier Exp $ # # Openssl doesn't play along nicely with cross-compiling # like autotools based projects, so let's teach it new tricks. diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-0.9.8ze-CVE-2015-0286.patch b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-0.9.8ze-CVE-2015-0286.patch new file mode 100644 index 0000000000..facb77d203 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-0.9.8ze-CVE-2015-0286.patch @@ -0,0 +1,326 @@ +--- openssl-0.9.8ze/crypto/asn1/a_type.c ++++ openssl-0.9.8ze/crypto/asn1/a_type.c +@@ -121,6 +121,9 @@ + case V_ASN1_OBJECT: + result = OBJ_cmp(a->value.object, b->value.object); + break; ++ case V_ASN1_BOOLEAN: ++ result = a->value.boolean - b->value.boolean; ++ break; + case V_ASN1_NULL: + result = 0; /* They do not have content. */ + break; +--- openssl-0.9.8ze/crypto/asn1/tasn_dec.c ++++ openssl-0.9.8ze/crypto/asn1/tasn_dec.c +@@ -128,11 +128,17 @@ + { + ASN1_TLC c; + ASN1_VALUE *ptmpval = NULL; +- if (!pval) +- pval = &ptmpval; + c.valid = 0; +- if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0) +- return *pval; ++ if (pval && *pval && it->itype == ASN1_ITYPE_PRIMITIVE) ++ ptmpval = *pval; ++ if (ASN1_item_ex_d2i(&ptmpval, in, len, it, -1, 0, 0, &c) > 0) { ++ if (pval && it->itype != ASN1_ITYPE_PRIMITIVE) { ++ if (*pval) ++ ASN1_item_free(*pval, it); ++ *pval = ptmpval; ++ } ++ return ptmpval; ++ } + return NULL; + } + +@@ -309,9 +315,16 @@ + if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it)) + goto auxerr; + +- /* Allocate structure */ +- if (!*pval && !ASN1_item_ex_new(pval, it)) +- { ++ if (*pval) { ++ /* Free up and zero CHOICE value if initialised */ ++ i = asn1_get_choice_selector(pval, it); ++ if ((i >= 0) && (i < it->tcount)) { ++ tt = it->templates + i; ++ pchptr = asn1_get_field_ptr(pval, tt); ++ ASN1_template_free(pchptr, tt); ++ asn1_set_choice_selector(pval, -1, it); ++ } ++ } else if (!ASN1_item_ex_new(pval, it)) { + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, + ERR_R_NESTED_ASN1_ERROR); + goto err; +@@ -405,6 +418,17 @@ + if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it)) + goto auxerr; + ++ /* Free up and zero any ADB found */ ++ for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) { ++ if (tt->flags & ASN1_TFLG_ADB_MASK) { ++ const ASN1_TEMPLATE *seqtt; ++ ASN1_VALUE **pseqval; ++ seqtt = asn1_do_adb(pval, tt, 1); ++ pseqval = asn1_get_field_ptr(pval, seqtt); ++ ASN1_template_free(pseqval, seqtt); ++ } ++ } ++ + /* Get each field entry */ + for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) + { +--- openssl-0.9.8ze/crypto/pkcs7/pk7_doit.c ++++ openssl-0.9.8ze/crypto/pkcs7/pk7_doit.c +@@ -151,6 +151,25 @@ + EVP_PKEY *pkey; + ASN1_OCTET_STRING *os=NULL; + ++ if (p7 == NULL) { ++ PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_INVALID_NULL_POINTER); ++ return NULL; ++ } ++ /* ++ * The content field in the PKCS7 ContentInfo is optional, but that really ++ * only applies to inner content (precisely, detached signatures). ++ * ++ * When reading content, missing outer content is therefore treated as an ++ * error. ++ * ++ * When creating content, PKCS7_content_new() must be called before ++ * calling this method, so a NULL p7->d is always an error. ++ */ ++ if (p7->d.ptr == NULL) { ++ PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_NO_CONTENT); ++ return NULL; ++ } ++ + i=OBJ_obj2nid(p7->type); + p7->state=PKCS7_S_HEADER; + +@@ -344,6 +363,16 @@ + STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL; + PKCS7_RECIP_INFO *ri=NULL; + ++ if (p7 == NULL) { ++ PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_INVALID_NULL_POINTER); ++ return NULL; ++ } ++ ++ if (p7->d.ptr == NULL) { ++ PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_NO_CONTENT); ++ return NULL; ++ } ++ + i=OBJ_obj2nid(p7->type); + p7->state=PKCS7_S_HEADER; + +@@ -637,6 +666,16 @@ + STACK_OF(PKCS7_SIGNER_INFO) *si_sk=NULL; + ASN1_OCTET_STRING *os=NULL; + ++ if (p7 == NULL) { ++ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_INVALID_NULL_POINTER); ++ return 0; ++ } ++ ++ if (p7->d.ptr == NULL) { ++ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_NO_CONTENT); ++ return 0; ++ } ++ + EVP_MD_CTX_init(&ctx_tmp); + i=OBJ_obj2nid(p7->type); + p7->state=PKCS7_S_HEADER; +@@ -668,6 +707,7 @@ + /* If detached data then the content is excluded */ + if(PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) { + M_ASN1_OCTET_STRING_free(os); ++ os = NULL; + p7->d.sign->contents->d.data = NULL; + } + break; +@@ -678,6 +718,7 @@ + if(PKCS7_type_is_data(p7->d.digest->contents) && p7->detached) + { + M_ASN1_OCTET_STRING_free(os); ++ os = NULL; + p7->d.digest->contents->d.data = NULL; + } + break; +@@ -815,6 +856,11 @@ + + if (!PKCS7_is_detached(p7)) + { ++ /* ++ * NOTE(emilia): I think we only reach os == NULL here because detached ++ */ ++ if (os == NULL) ++ goto err; + btmp=BIO_find_type(bio,BIO_TYPE_MEM); + if (btmp == NULL) + { +@@ -849,6 +895,16 @@ + STACK_OF(X509) *cert; + X509 *x509; + ++ if (p7 == NULL) { ++ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_INVALID_NULL_POINTER); ++ return 0; ++ } ++ ++ if (p7->d.ptr == NULL) { ++ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_NO_CONTENT); ++ return 0; ++ } ++ + if (PKCS7_type_is_signed(p7)) + { + cert=p7->d.sign->cert; +--- openssl-0.9.8ze/crypto/pkcs7/pk7_lib.c ++++ openssl-0.9.8ze/crypto/pkcs7/pk7_lib.c +@@ -70,6 +70,7 @@ + + switch (cmd) + { ++ /* NOTE(emilia): does not support detached digested data. */ + case PKCS7_OP_SET_DETACHED_SIGNATURE: + if (nid == NID_pkcs7_signed) + { +@@ -473,6 +474,8 @@ + + STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7) + { ++ if (p7 == NULL || p7->d.ptr == NULL) ++ return NULL; + if (PKCS7_type_is_signed(p7)) + { + return(p7->d.sign->signer_info); +--- openssl-0.9.8ze/doc/crypto/d2i_X509.pod ++++ openssl-0.9.8ze/doc/crypto/d2i_X509.pod +@@ -199,6 +199,12 @@ + persist if they are not present in the new one. As a result the use + of this "reuse" behaviour is strongly discouraged. + ++Current versions of OpenSSL will not modify B<*px> if an error occurs. ++If parsing succeeds then B<*px> is freed (if it is not NULL) and then ++set to the value of the newly decoded structure. As a result B<*px> ++B be allocated on the stack or an attempt will be made to ++free an invalid pointer. ++ + i2d_X509() will not return an error in many versions of OpenSSL, + if mandatory fields are not initialized due to a programming error + then the encoded structure may contain invalid data or omit the +@@ -210,7 +216,9 @@ + + d2i_X509(), d2i_X509_bio() and d2i_X509_fp() return a valid B structure + or B if an error occurs. The error code that can be obtained by +-L. ++L. If the "reuse" capability has been used ++with a valid X509 structure being passed in via B then the object is not ++modified in the event of error. + + i2d_X509() returns the number of bytes successfully encoded or a negative + value if an error occurs. The error code can be obtained by +--- openssl-0.9.8ze/ssl/s2_lib.c ++++ openssl-0.9.8ze/ssl/s2_lib.c +@@ -410,7 +410,7 @@ + + OPENSSL_assert(s->session->master_key_length >= 0 + && s->session->master_key_length +- < (int)sizeof(s->session->master_key)); ++ <= (int)sizeof(s->session->master_key)); + EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_key_length); + EVP_DigestUpdate(&ctx,&c,1); + c++; +--- openssl-0.9.8ze/ssl/s2_srvr.c ++++ openssl-0.9.8ze/ssl/s2_srvr.c +@@ -446,10 +446,6 @@ + SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_NO_PRIVATEKEY); + return(-1); + } +- i=ssl_rsa_private_decrypt(s->cert,s->s2->tmp.enc, +- &(p[s->s2->tmp.clear]),&(p[s->s2->tmp.clear]), +- (s->s2->ssl2_rollback)?RSA_SSLV23_PADDING:RSA_PKCS1_PADDING); +- + is_export=SSL_C_IS_EXPORT(s->session->cipher); + + if (!ssl_cipher_get_evp(s->session,&c,&md,NULL)) +@@ -467,21 +463,59 @@ + else + ek=5; + ++ /* ++ * The format of the CLIENT-MASTER-KEY message is ++ * 1 byte message type ++ * 3 bytes cipher ++ * 2-byte clear key length (stored in s->s2->tmp.clear) ++ * 2-byte encrypted key length (stored in s->s2->tmp.enc) ++ * 2-byte key args length (IV etc) ++ * clear key ++ * encrypted key ++ * key args ++ * ++ * If the cipher is an export cipher, then the encrypted key bytes ++ * are a fixed portion of the total key (5 or 8 bytes). The size of ++ * this portion is in |ek|. If the cipher is not an export cipher, ++ * then the entire key material is encrypted (i.e., clear key length ++ * must be zero). ++ */ ++ if ((!is_export && s->s2->tmp.clear != 0) || ++ (is_export && s->s2->tmp.clear + ek != EVP_CIPHER_key_length(c))) { ++ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); ++ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_BAD_LENGTH); ++ return -1; ++ } ++ /* ++ * The encrypted blob must decrypt to the encrypted portion of the key. ++ * Decryption can't be expanding, so if we don't have enough encrypted ++ * bytes to fit the key in the buffer, stop now. ++ */ ++ if ((is_export && s->s2->tmp.enc < ek) || ++ (!is_export && s->s2->tmp.enc < EVP_CIPHER_key_length(c))) { ++ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); ++ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_LENGTH_TOO_SHORT); ++ return -1; ++ } ++ ++ i = ssl_rsa_private_decrypt(s->cert, s->s2->tmp.enc, ++ &(p[s->s2->tmp.clear]), ++ &(p[s->s2->tmp.clear]), ++ (s->s2->ssl2_rollback) ? RSA_SSLV23_PADDING : ++ RSA_PKCS1_PADDING); ++ + /* bad decrypt */ + #if 1 + /* If a bad decrypt, continue with protocol but with a + * random master secret (Bleichenbacher attack) */ +- if ((i < 0) || +- ((!is_export && (i != EVP_CIPHER_key_length(c))) +- || (is_export && ((i != ek) || (s->s2->tmp.clear+(unsigned int)i != +- (unsigned int)EVP_CIPHER_key_length(c)))))) +- { ++ if ((i < 0) || ((!is_export && i != EVP_CIPHER_key_length(c)) ++ || (is_export && i != ek))) { + ERR_clear_error(); + if (is_export) + i=ek; + else + i=EVP_CIPHER_key_length(c); +- if (RAND_pseudo_bytes(p,i) <= 0) ++ if (RAND_pseudo_bytes(&p[s->s2->tmp.clear], i) <= 0) + return 0; + } + #else +@@ -505,7 +539,8 @@ + } + #endif + +- if (is_export) i+=s->s2->tmp.clear; ++ if (is_export) ++ i = EVP_CIPHER_key_length(c); + + if (i > SSL_MAX_MASTER_KEY_LENGTH) + { diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.0e-parallel-build.patch b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.0e-parallel-build.patch new file mode 100644 index 0000000000..e1a030f9eb --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.0e-parallel-build.patch @@ -0,0 +1,315 @@ +http://rt.openssl.org/Ticket/Display.html?id=2084 + +--- a/Makefile.org ++++ b/Makefile.org +@@ -247,17 +247,17 @@ + build_libs: build_crypto build_ssl build_engines + + build_crypto: +- @dir=crypto; target=all; $(BUILD_ONE_CMD) ++ +@dir=crypto; target=all; $(BUILD_ONE_CMD) +-build_ssl: ++build_ssl: build_crypto +- @dir=ssl; target=all; $(BUILD_ONE_CMD) ++ +@dir=ssl; target=all; $(BUILD_ONE_CMD) +-build_engines: ++build_engines: build_crypto +- @dir=engines; target=all; $(BUILD_ONE_CMD) ++ +@dir=engines; target=all; $(BUILD_ONE_CMD) +-build_apps: ++build_apps: build_libs +- @dir=apps; target=all; $(BUILD_ONE_CMD) ++ +@dir=apps; target=all; $(BUILD_ONE_CMD) +-build_tests: ++build_tests: build_libs +- @dir=test; target=all; $(BUILD_ONE_CMD) ++ +@dir=test; target=all; $(BUILD_ONE_CMD) +-build_tools: ++build_tools: build_libs +- @dir=tools; target=all; $(BUILD_ONE_CMD) ++ +@dir=tools; target=all; $(BUILD_ONE_CMD) + + all_testapps: build_libs build_testapps + build_testapps: +@@ -497,9 +497,9 @@ + dist_pem_h: + (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean) + +-install: all install_docs install_sw ++install: install_docs install_sw + +-install_sw: ++install_dirs: + @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \ + $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \ + $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \ +@@ -508,6 +508,13 @@ + $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \ + $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \ + $(INSTALL_PREFIX)$(OPENSSLDIR)/private ++ @$(PERL) $(TOP)/util/mkdir-p.pl \ ++ $(INSTALL_PREFIX)$(MANDIR)/man1 \ ++ $(INSTALL_PREFIX)$(MANDIR)/man3 \ ++ $(INSTALL_PREFIX)$(MANDIR)/man5 \ ++ $(INSTALL_PREFIX)$(MANDIR)/man7 ++ ++install_sw: install_dirs + @set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\ + do \ + (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ +@@ -511,7 +511,7 @@ + (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ + chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ + done; +- @set -e; target=install; $(RECURSIVE_BUILD_CMD) ++ +@set -e; target=install; $(RECURSIVE_BUILD_CMD) + @set -e; for i in $(LIBS) ;\ + do \ + if [ -f "$$i" ]; then \ +@@ -593,12 +600,7 @@ + done; \ + done + +-install_docs: +- @$(PERL) $(TOP)/util/mkdir-p.pl \ +- $(INSTALL_PREFIX)$(MANDIR)/man1 \ +- $(INSTALL_PREFIX)$(MANDIR)/man3 \ +- $(INSTALL_PREFIX)$(MANDIR)/man5 \ +- $(INSTALL_PREFIX)$(MANDIR)/man7 ++install_docs: install_dirs + @pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \ + here="`pwd`"; \ + filecase=; \ +--- a/crypto/Makefile ++++ b/crypto/Makefile +@@ -85,11 +85,11 @@ + @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi + + subdirs: +- @target=all; $(RECURSIVE_MAKE) ++ +@target=all; $(RECURSIVE_MAKE) + + files: + $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO +- @target=files; $(RECURSIVE_MAKE) ++ +@target=files; $(RECURSIVE_MAKE) + + links: + @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER) +@@ -100,7 +100,7 @@ + # lib: $(LIB): are splitted to avoid end-less loop + lib: $(LIB) + @touch lib +-$(LIB): $(LIBOBJ) ++$(LIB): $(LIBOBJ) | subdirs + $(AR) $(LIB) $(LIBOBJ) + $(RANLIB) $(LIB) || echo Never mind. + +@@ -110,7 +110,7 @@ + fi + + libs: +- @target=lib; $(RECURSIVE_MAKE) ++ +@target=lib; $(RECURSIVE_MAKE) + + install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... +@@ -119,7 +119,7 @@ + (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ + chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ + done; +- @target=install; $(RECURSIVE_MAKE) ++ +@target=install; $(RECURSIVE_MAKE) + + lint: + @target=lint; $(RECURSIVE_MAKE) +--- a/engines/Makefile ++++ b/engines/Makefile +@@ -72,7 +72,7 @@ + + all: lib subdirs + +-lib: $(LIBOBJ) ++lib: $(LIBOBJ) | subdirs + @if [ -n "$(SHARED_LIBS)" ]; then \ + set -e; \ + for l in $(LIBNAMES); do \ +@@ -89,7 +89,7 @@ + + subdirs: + echo $(EDIRS) +- @target=all; $(RECURSIVE_MAKE) ++ +@target=all; $(RECURSIVE_MAKE) + + files: + $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO +@@ -128,7 +128,7 @@ + mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ + done; \ + fi +- @target=install; $(RECURSIVE_MAKE) ++ +@target=install; $(RECURSIVE_MAKE) + + tags: + ctags $(SRC) +--- a/test/Makefile ++++ b/test/Makefile +@@ -123,7 +123,7 @@ + tags: + ctags $(SRC) + +-tests: exe apps $(TESTS) ++tests: exe $(TESTS) + + apps: + @(cd ..; $(MAKE) DIRS=apps all) +@@ -345,106 +345,106 @@ + link_app.$${shlib_target} + + $(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO) +- @target=$(RSATEST); $(BUILD_CMD) ++ +@target=$(RSATEST); $(BUILD_CMD) + + $(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO) +- @target=$(BNTEST); $(BUILD_CMD) ++ +@target=$(BNTEST); $(BUILD_CMD) + + $(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO) +- @target=$(ECTEST); $(BUILD_CMD) ++ +@target=$(ECTEST); $(BUILD_CMD) + + $(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO) +- @target=$(EXPTEST); $(BUILD_CMD) ++ +@target=$(EXPTEST); $(BUILD_CMD) + + $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO) +- @target=$(IDEATEST); $(BUILD_CMD) ++ +@target=$(IDEATEST); $(BUILD_CMD) + + $(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO) +- @target=$(MD2TEST); $(BUILD_CMD) ++ +@target=$(MD2TEST); $(BUILD_CMD) + + $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO) +- @target=$(SHATEST); $(BUILD_CMD) ++ +@target=$(SHATEST); $(BUILD_CMD) + + $(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO) +- @target=$(SHA1TEST); $(BUILD_CMD) ++ +@target=$(SHA1TEST); $(BUILD_CMD) + + $(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO) +- @target=$(SHA256TEST); $(BUILD_CMD) ++ +@target=$(SHA256TEST); $(BUILD_CMD) + + $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO) +- @target=$(SHA512TEST); $(BUILD_CMD) ++ +@target=$(SHA512TEST); $(BUILD_CMD) + + $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO) +- @target=$(RMDTEST); $(BUILD_CMD) ++ +@target=$(RMDTEST); $(BUILD_CMD) + + $(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO) +- @target=$(MDC2TEST); $(BUILD_CMD) ++ +@target=$(MDC2TEST); $(BUILD_CMD) + + $(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO) +- @target=$(MD4TEST); $(BUILD_CMD) ++ +@target=$(MD4TEST); $(BUILD_CMD) + + $(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO) +- @target=$(MD5TEST); $(BUILD_CMD) ++ +@target=$(MD5TEST); $(BUILD_CMD) + + $(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO) +- @target=$(HMACTEST); $(BUILD_CMD) ++ +@target=$(HMACTEST); $(BUILD_CMD) + + $(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO) +- @target=$(WPTEST); $(BUILD_CMD) ++ +@target=$(WPTEST); $(BUILD_CMD) + + $(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO) +- @target=$(RC2TEST); $(BUILD_CMD) ++ +@target=$(RC2TEST); $(BUILD_CMD) + + $(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO) +- @target=$(BFTEST); $(BUILD_CMD) ++ +@target=$(BFTEST); $(BUILD_CMD) + + $(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO) +- @target=$(CASTTEST); $(BUILD_CMD) ++ +@target=$(CASTTEST); $(BUILD_CMD) + + $(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO) +- @target=$(RC4TEST); $(BUILD_CMD) ++ +@target=$(RC4TEST); $(BUILD_CMD) + + $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO) +- @target=$(RC5TEST); $(BUILD_CMD) ++ +@target=$(RC5TEST); $(BUILD_CMD) + + $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO) +- @target=$(DESTEST); $(BUILD_CMD) ++ +@target=$(DESTEST); $(BUILD_CMD) + + $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO) +- @target=$(RANDTEST); $(BUILD_CMD) ++ +@target=$(RANDTEST); $(BUILD_CMD) + + $(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO) +- @target=$(DHTEST); $(BUILD_CMD) ++ +@target=$(DHTEST); $(BUILD_CMD) + + $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO) +- @target=$(DSATEST); $(BUILD_CMD) ++ +@target=$(DSATEST); $(BUILD_CMD) + + $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO) +- @target=$(METHTEST); $(BUILD_CMD) ++ +@target=$(METHTEST); $(BUILD_CMD) + + $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) +- @target=$(SSLTEST); $(BUILD_CMD) ++ +@target=$(SSLTEST); $(BUILD_CMD) + + $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO) +- @target=$(ENGINETEST); $(BUILD_CMD) ++ +@target=$(ENGINETEST); $(BUILD_CMD) + + $(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO) +- @target=$(EVPTEST); $(BUILD_CMD) ++ +@target=$(EVPTEST); $(BUILD_CMD) + + $(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO) +- @target=$(ECDSATEST); $(BUILD_CMD) ++ +@target=$(ECDSATEST); $(BUILD_CMD) + + $(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO) +- @target=$(ECDHTEST); $(BUILD_CMD) ++ +@target=$(ECDHTEST); $(BUILD_CMD) + + $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO) +- @target=$(IGETEST); $(BUILD_CMD) ++ +@target=$(IGETEST); $(BUILD_CMD) + + $(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO) +- @target=$(JPAKETEST); $(BUILD_CMD) ++ +@target=$(JPAKETEST); $(BUILD_CMD) + + $(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO) +- @target=$(ASN1TEST); $(BUILD_CMD) ++ +@target=$(ASN1TEST); $(BUILD_CMD) + + #$(AESTEST).o: $(AESTEST).c + # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c +@@ -457,7 +457,7 @@ + # fi + + dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO) +- @target=dummytest; $(BUILD_CMD) ++ +@target=dummytest; $(BUILD_CMD) + + # DO NOT DELETE THIS LINE -- make depend depends on it. + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.0r-x32.patch b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.0r-x32.patch new file mode 100644 index 0000000000..2d715eb5af --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.0r-x32.patch @@ -0,0 +1,76 @@ +--- openssl-1.0.0r/Configure ++++ openssl-1.0.0r/Configure +@@ -353,6 +353,7 @@ my %table=( + "linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + "linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + "linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", ++"linux-x32", "gcc:-DL_ENDIAN -DTERMIO -O2 -pipe -g -feliminate-unused-debug-types -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + "linux-s390x", "gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", + #### SPARC Linux setups + # Ray Miller has patiently +--- openssl-1.0.0r/crypto/bn/asm/x86_64-gcc.c ++++ openssl-1.0.0r/crypto/bn/asm/x86_64-gcc.c +@@ -55,7 +55,7 @@ + * machine. + */ + +-# ifdef _WIN64 ++# if defined _WIN64 || !defined __LP64__ + # define BN_ULONG unsigned long long + # else + # define BN_ULONG unsigned long +@@ -211,9 +211,9 @@ BN_ULONG bn_add_words(BN_ULONG *rp, cons + + asm volatile (" subq %2,%2 \n" + ".p2align 4 \n" +- "1: movq (%4,%2,8),%0 \n" +- " adcq (%5,%2,8),%0 \n" +- " movq %0,(%3,%2,8) \n" ++ "1: movq (%q4,%2,8),%0 \n" ++ " adcq (%q5,%2,8),%0 \n" ++ " movq %0,(%q3,%2,8) \n" + " leaq 1(%2),%2 \n" + " loop 1b \n" + " sbbq %0,%0 \n":"=&a" (ret), "+c"(n), +@@ -235,9 +235,9 @@ BN_ULONG bn_sub_words(BN_ULONG *rp, cons + + asm volatile (" subq %2,%2 \n" + ".p2align 4 \n" +- "1: movq (%4,%2,8),%0 \n" +- " sbbq (%5,%2,8),%0 \n" +- " movq %0,(%3,%2,8) \n" ++ "1: movq (%q4,%2,8),%0 \n" ++ " sbbq (%q5,%2,8),%0 \n" ++ " movq %0,(%q3,%2,8) \n" + " leaq 1(%2),%2 \n" + " loop 1b \n" + " sbbq %0,%0 \n":"=&a" (ret), "+c"(n), +--- openssl-1.0.0r/crypto/bn/bn_exp.c ++++ openssl-1.0.0r/crypto/bn/bn_exp.c +@@ -564,7 +564,7 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBU + * multiple. + */ + #define MOD_EXP_CTIME_ALIGN(x_) \ +- ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((BN_ULONG)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK)))) ++ ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((BN_ADDR)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK)))) + + /* + * This variant of BN_mod_exp_mont() uses fixed windows and the special +--- openssl-1.0.0r/crypto/bn/bn.h ++++ openssl-1.0.0r/crypto/bn/bn.h +@@ -174,6 +174,15 @@ extern "C" { + # endif + + /* ++ * Address type. ++ */ ++#ifdef _WIN64 ++#define BN_ADDR unsigned long long ++#else ++#define BN_ADDR unsigned long ++#endif ++ ++/* + * assuming long is 64bit - this is the DEC Alpha unsigned long long is only + * 64 bits :-(, don't define BN_LLONG for the DEC Alpha + */ diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1-parallel-build.patch b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1-parallel-build.patch new file mode 100644 index 0000000000..19f859abb2 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1-parallel-build.patch @@ -0,0 +1,354 @@ +http://rt.openssl.org/Ticket/Display.html?id=2084 + +--- a/Makefile.org ++++ b/Makefile.org +@@ -247,17 +247,17 @@ + build_libs: build_crypto build_ssl build_engines + + build_crypto: +- @dir=crypto; target=all; $(BUILD_ONE_CMD) ++ +@dir=crypto; target=all; $(BUILD_ONE_CMD) +-build_ssl: ++build_ssl: build_crypto +- @dir=ssl; target=all; $(BUILD_ONE_CMD) ++ +@dir=ssl; target=all; $(BUILD_ONE_CMD) +-build_engines: ++build_engines: build_crypto +- @dir=engines; target=all; $(BUILD_ONE_CMD) ++ +@dir=engines; target=all; $(BUILD_ONE_CMD) +-build_apps: ++build_apps: build_libs +- @dir=apps; target=all; $(BUILD_ONE_CMD) ++ +@dir=apps; target=all; $(BUILD_ONE_CMD) +-build_tests: ++build_tests: build_libs +- @dir=test; target=all; $(BUILD_ONE_CMD) ++ +@dir=test; target=all; $(BUILD_ONE_CMD) +-build_tools: ++build_tools: build_libs +- @dir=tools; target=all; $(BUILD_ONE_CMD) ++ +@dir=tools; target=all; $(BUILD_ONE_CMD) + + all_testapps: build_libs build_testapps + build_testapps: +@@ -497,9 +497,9 @@ + dist_pem_h: + (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean) + +-install: all install_docs install_sw ++install: install_docs install_sw + +-install_sw: ++install_dirs: + @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \ + $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \ + $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \ +@@ -508,6 +508,13 @@ + $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \ + $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \ + $(INSTALL_PREFIX)$(OPENSSLDIR)/private ++ @$(PERL) $(TOP)/util/mkdir-p.pl \ ++ $(INSTALL_PREFIX)$(MANDIR)/man1 \ ++ $(INSTALL_PREFIX)$(MANDIR)/man3 \ ++ $(INSTALL_PREFIX)$(MANDIR)/man5 \ ++ $(INSTALL_PREFIX)$(MANDIR)/man7 ++ ++install_sw: install_dirs + @set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\ + do \ + (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ +@@ -511,7 +511,7 @@ + (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ + chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ + done; +- @set -e; target=install; $(RECURSIVE_BUILD_CMD) ++ +@set -e; target=install; $(RECURSIVE_BUILD_CMD) + @set -e; liblist="$(LIBS)"; for i in $$liblist ;\ + do \ + if [ -f "$$i" ]; then \ +@@ -593,12 +600,7 @@ + done; \ + done + +-install_docs: +- @$(PERL) $(TOP)/util/mkdir-p.pl \ +- $(INSTALL_PREFIX)$(MANDIR)/man1 \ +- $(INSTALL_PREFIX)$(MANDIR)/man3 \ +- $(INSTALL_PREFIX)$(MANDIR)/man5 \ +- $(INSTALL_PREFIX)$(MANDIR)/man7 ++install_docs: install_dirs + @pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \ + here="`pwd`"; \ + filecase=; \ +--- a/Makefile.shared ++++ b/Makefile.shared +@@ -105,6 +105,7 @@ LINK_SO= \ + SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \ + LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \ + LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \ ++ [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \ + LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \ + $${SHAREDCMD} $${SHAREDFLAGS} \ + -o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \ +@@ -122,6 +124,7 @@ SYMLINK_SO= \ + done; \ + fi; \ + if [ -n "$$SHLIB_SOVER" ]; then \ ++ [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \ + ( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \ + ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \ + fi; \ +--- a/crypto/Makefile ++++ b/crypto/Makefile +@@ -85,11 +85,11 @@ + @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi + + subdirs: +- @target=all; $(RECURSIVE_MAKE) ++ +@target=all; $(RECURSIVE_MAKE) + + files: + $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO +- @target=files; $(RECURSIVE_MAKE) ++ +@target=files; $(RECURSIVE_MAKE) + + links: + @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER) +@@ -100,7 +100,7 @@ + # lib: $(LIB): are splitted to avoid end-less loop + lib: $(LIB) + @touch lib +-$(LIB): $(LIBOBJ) ++$(LIB): $(LIBOBJ) | subdirs + $(AR) $(LIB) $(LIBOBJ) + $(RANLIB) $(LIB) || echo Never mind. + +@@ -110,7 +110,7 @@ + fi + + libs: +- @target=lib; $(RECURSIVE_MAKE) ++ +@target=lib; $(RECURSIVE_MAKE) + + install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... +@@ -119,7 +119,7 @@ + (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ + chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ + done; +- @target=install; $(RECURSIVE_MAKE) ++ +@target=install; $(RECURSIVE_MAKE) + + lint: + @target=lint; $(RECURSIVE_MAKE) +--- a/engines/Makefile ++++ b/engines/Makefile +@@ -72,7 +72,7 @@ + + all: lib subdirs + +-lib: $(LIBOBJ) ++lib: $(LIBOBJ) | subdirs + @if [ -n "$(SHARED_LIBS)" ]; then \ + set -e; \ + for l in $(LIBNAMES); do \ +@@ -89,7 +89,7 @@ + + subdirs: + echo $(EDIRS) +- @target=all; $(RECURSIVE_MAKE) ++ +@target=all; $(RECURSIVE_MAKE) + + files: + $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO +@@ -128,7 +128,7 @@ + mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ + done; \ + fi +- @target=install; $(RECURSIVE_MAKE) ++ +@target=install; $(RECURSIVE_MAKE) + + tags: + ctags $(SRC) +--- a/test/Makefile ++++ b/test/Makefile +@@ -123,7 +123,7 @@ + tags: + ctags $(SRC) + +-tests: exe apps $(TESTS) ++tests: exe $(TESTS) + + apps: + @(cd ..; $(MAKE) DIRS=apps all) +@@ -365,109 +365,109 @@ + link_app.$${shlib_target} + + $(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO) +- @target=$(RSATEST); $(BUILD_CMD) ++ +@target=$(RSATEST); $(BUILD_CMD) + + $(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO) +- @target=$(BNTEST); $(BUILD_CMD) ++ +@target=$(BNTEST); $(BUILD_CMD) + + $(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO) +- @target=$(ECTEST); $(BUILD_CMD) ++ +@target=$(ECTEST); $(BUILD_CMD) + + $(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO) +- @target=$(EXPTEST); $(BUILD_CMD) ++ +@target=$(EXPTEST); $(BUILD_CMD) + + $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO) +- @target=$(IDEATEST); $(BUILD_CMD) ++ +@target=$(IDEATEST); $(BUILD_CMD) + + $(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO) +- @target=$(MD2TEST); $(BUILD_CMD) ++ +@target=$(MD2TEST); $(BUILD_CMD) + + $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO) +- @target=$(SHATEST); $(BUILD_CMD) ++ +@target=$(SHATEST); $(BUILD_CMD) + + $(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO) +- @target=$(SHA1TEST); $(BUILD_CMD) ++ +@target=$(SHA1TEST); $(BUILD_CMD) + + $(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO) +- @target=$(SHA256TEST); $(BUILD_CMD) ++ +@target=$(SHA256TEST); $(BUILD_CMD) + + $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO) +- @target=$(SHA512TEST); $(BUILD_CMD) ++ +@target=$(SHA512TEST); $(BUILD_CMD) + + $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO) +- @target=$(RMDTEST); $(BUILD_CMD) ++ +@target=$(RMDTEST); $(BUILD_CMD) + + $(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO) +- @target=$(MDC2TEST); $(BUILD_CMD) ++ +@target=$(MDC2TEST); $(BUILD_CMD) + + $(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO) +- @target=$(MD4TEST); $(BUILD_CMD) ++ +@target=$(MD4TEST); $(BUILD_CMD) + + $(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO) +- @target=$(MD5TEST); $(BUILD_CMD) ++ +@target=$(MD5TEST); $(BUILD_CMD) + + $(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO) +- @target=$(HMACTEST); $(BUILD_CMD) ++ +@target=$(HMACTEST); $(BUILD_CMD) + + $(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO) +- @target=$(WPTEST); $(BUILD_CMD) ++ +@target=$(WPTEST); $(BUILD_CMD) + + $(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO) +- @target=$(RC2TEST); $(BUILD_CMD) ++ +@target=$(RC2TEST); $(BUILD_CMD) + + $(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO) +- @target=$(BFTEST); $(BUILD_CMD) ++ +@target=$(BFTEST); $(BUILD_CMD) + + $(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO) +- @target=$(CASTTEST); $(BUILD_CMD) ++ +@target=$(CASTTEST); $(BUILD_CMD) + + $(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO) +- @target=$(RC4TEST); $(BUILD_CMD) ++ +@target=$(RC4TEST); $(BUILD_CMD) + + $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO) +- @target=$(RC5TEST); $(BUILD_CMD) ++ +@target=$(RC5TEST); $(BUILD_CMD) + + $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO) +- @target=$(DESTEST); $(BUILD_CMD) ++ +@target=$(DESTEST); $(BUILD_CMD) + + $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO) +- @target=$(RANDTEST); $(BUILD_CMD) ++ +@target=$(RANDTEST); $(BUILD_CMD) + + $(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO) +- @target=$(DHTEST); $(BUILD_CMD) ++ +@target=$(DHTEST); $(BUILD_CMD) + + $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO) +- @target=$(DSATEST); $(BUILD_CMD) ++ +@target=$(DSATEST); $(BUILD_CMD) + + $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO) +- @target=$(METHTEST); $(BUILD_CMD) ++ +@target=$(METHTEST); $(BUILD_CMD) + + $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) +- @target=$(SSLTEST); $(FIPS_BUILD_CMD) ++ +@target=$(SSLTEST); $(FIPS_BUILD_CMD) + + $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO) +- @target=$(ENGINETEST); $(BUILD_CMD) ++ +@target=$(ENGINETEST); $(BUILD_CMD) + + $(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO) +- @target=$(EVPTEST); $(BUILD_CMD) ++ +@target=$(EVPTEST); $(BUILD_CMD) + + $(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO) +- @target=$(ECDSATEST); $(BUILD_CMD) ++ +@target=$(ECDSATEST); $(BUILD_CMD) + + $(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO) +- @target=$(ECDHTEST); $(BUILD_CMD) ++ +@target=$(ECDHTEST); $(BUILD_CMD) + + $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO) +- @target=$(IGETEST); $(BUILD_CMD) ++ +@target=$(IGETEST); $(BUILD_CMD) + + $(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO) +- @target=$(JPAKETEST); $(BUILD_CMD) ++ +@target=$(JPAKETEST); $(BUILD_CMD) + + $(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO) +- @target=$(ASN1TEST); $(BUILD_CMD) ++ +@target=$(ASN1TEST); $(BUILD_CMD) + + $(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO) +- @target=$(SRPTEST); $(BUILD_CMD) ++ +@target=$(SRPTEST); $(BUILD_CMD) + + #$(AESTEST).o: $(AESTEST).c + # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c +@@ -480,7 +480,7 @@ + # fi + + dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO) +- @target=dummytest; $(BUILD_CMD) ++ +@target=dummytest; $(BUILD_CMD) + + # DO NOT DELETE THIS LINE -- make depend depends on it. + +--- a/crypto/objects/Makefile ++++ b/crypto/objects/Makefile +@@ -44,11 +44,11 @@ obj_dat.h: obj_dat.pl obj_mac.h + # objects.pl both reads and writes obj_mac.num + obj_mac.h: objects.pl objects.txt obj_mac.num + $(PERL) objects.pl objects.txt obj_mac.num obj_mac.h +- @sleep 1; touch obj_mac.h; sleep 1 + +-obj_xref.h: objxref.pl obj_xref.txt obj_mac.num ++# This doesn't really need obj_mac.h, but since that rule reads & writes ++# obj_mac.num, we can't run in parallel with it. ++obj_xref.h: objxref.pl obj_xref.txt obj_mac.num obj_mac.h + $(PERL) objxref.pl obj_mac.num obj_xref.txt > obj_xref.h +- @sleep 1; touch obj_xref.h; sleep 1 + + files: + $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1-x32.patch b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1-x32.patch new file mode 100644 index 0000000000..5106cb6e82 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1-x32.patch @@ -0,0 +1,79 @@ +http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?id=51bfed2e26fc13a66e8b5710aa2ce1d7a04af721 + +UpstreamStatus: Pending + +Received from H J Liu @ Intel +Make the assembly syntax compatible with x32 gcc. Othewise x32 gcc throws errors. +Signed-Off-By: Nitin A Kamble 2011/07/13 + +ported the patch to the 1.0.0e version +Signed-Off-By: Nitin A Kamble 2011/12/01 +Index: openssl-1.0.0e/Configure +=================================================================== +--- openssl-1.0.0e.orig/Configure ++++ openssl-1.0.0e/Configure +@@ -393,6 +393,7 @@ my %table=( + "debug-linux-generic32","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + "debug-linux-generic64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + "debug-linux-x86_64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -DTERMIO -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", ++"linux-x32", "gcc:-DL_ENDIAN -DTERMIO -O2 -pipe -g -feliminate-unused-debug-types -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + "dist", "cc:-O::(unknown)::::::", + + # Basic configs that should work on any (32 and less bit) box +Index: openssl-1.0.0e/crypto/bn/asm/x86_64-gcc.c +=================================================================== +--- openssl-1.0.0e.orig/crypto/bn/asm/x86_64-gcc.c ++++ openssl-1.0.0e/crypto/bn/asm/x86_64-gcc.c +@@ -55,7 +55,7 @@ + * machine. + */ + +-#ifdef _WIN64 ++#if defined _WIN64 || !defined __LP64__ + #define BN_ULONG unsigned long long + #else + #define BN_ULONG unsigned long +@@ -192,9 +192,9 @@ BN_ULONG bn_add_words (BN_ULONG *rp, con + asm ( + " subq %2,%2 \n" + ".p2align 4 \n" +- "1: movq (%4,%2,8),%0 \n" +- " adcq (%5,%2,8),%0 \n" +- " movq %0,(%3,%2,8) \n" ++ "1: movq (%q4,%2,8),%0 \n" ++ " adcq (%q5,%2,8),%0 \n" ++ " movq %0,(%q3,%2,8) \n" + " leaq 1(%2),%2 \n" + " loop 1b \n" + " sbbq %0,%0 \n" +@@ -215,9 +215,9 @@ BN_ULONG bn_sub_words (BN_ULONG *rp, con + asm ( + " subq %2,%2 \n" + ".p2align 4 \n" +- "1: movq (%4,%2,8),%0 \n" +- " sbbq (%5,%2,8),%0 \n" +- " movq %0,(%3,%2,8) \n" ++ "1: movq (%q4,%2,8),%0 \n" ++ " sbbq (%q5,%2,8),%0 \n" ++ " movq %0,(%q3,%2,8) \n" + " leaq 1(%2),%2 \n" + " loop 1b \n" + " sbbq %0,%0 \n" +Index: openssl-1.0.0e/crypto/bn/bn.h +=================================================================== +--- openssl-1.0.0e.orig/crypto/bn/bn.h ++++ openssl-1.0.0e/crypto/bn/bn.h +@@ -172,6 +172,13 @@ extern "C" { + # endif + #endif + ++/* Address type. */ ++#ifdef _WIN64 ++#define BN_ADDR unsigned long long ++#else ++#define BN_ADDR unsigned long ++#endif ++ + /* assuming long is 64bit - this is the DEC Alpha + * unsigned long long is only 64 bits :-(, don't define + * BN_LLONG for the DEC Alpha */ diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-s_client-verify.patch b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-s_client-verify.patch new file mode 100644 index 0000000000..03e4f59989 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-s_client-verify.patch @@ -0,0 +1,18 @@ +https://bugs.gentoo.org/472584 +http://rt.openssl.org/Ticket/Display.html?id=2387&user=guest&pass=guest + +fix verification handling in s_client. when loading paths, make sure +we properly fallback to setting the default paths. + +--- a/apps/s_client.c ++++ b/apps/s_client.c +@@ -899,7 +899,7 @@ + if (!set_cert_key_stuff(ctx,cert,key)) + goto end; + +- if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) || ++ if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) && + (!SSL_CTX_set_default_verify_paths(ctx))) + { + /* BIO_printf(bio_err,"error setting default verify locations\n"); */ + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1h-ipv6.patch b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1h-ipv6.patch new file mode 100644 index 0000000000..10c1ba222f --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1h-ipv6.patch @@ -0,0 +1,642 @@ +http://rt.openssl.org/Ticket/Display.html?id=2051&user=guest&pass=guest + +Forward ported from openssl-1.0.1e-ipv6.patch + +Signed-off-by: Lars Wendler + +--- openssl-1.0.1h/apps/s_apps.h ++++ openssl-1.0.1h/apps/s_apps.h +@@ -148,7 +148,7 @@ + #define PORT_STR "4433" + #define PROTOCOL "tcp" + +-int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context); ++int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context, int use_ipv4, int use_ipv6); + #ifdef HEADER_X509_H + int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx); + #endif +@@ -156,7 +156,7 @@ + int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file); + int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key); + #endif +-int init_client(int *sock, char *server, int port, int type); ++int init_client(int *sock, char *server, int port, int type, int use_ipv4, int use_ipv6); + int should_retry(int i); + int extract_port(char *str, short *port_ptr); + int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p); +--- openssl-1.0.1h/apps/s_client.c ++++ openssl-1.0.1h/apps/s_client.c +@@ -285,6 +285,10 @@ + { + BIO_printf(bio_err,"usage: s_client args\n"); + BIO_printf(bio_err,"\n"); ++ BIO_printf(bio_err," -4 - use IPv4 only\n"); ++#if OPENSSL_USE_IPV6 ++ BIO_printf(bio_err," -6 - use IPv6 only\n"); ++#endif + BIO_printf(bio_err," -host host - use -connect instead\n"); + BIO_printf(bio_err," -port port - use -connect instead\n"); + BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR); +@@ -568,6 +572,7 @@ + int sbuf_len,sbuf_off; + fd_set readfds,writefds; + short port=PORT; ++ int use_ipv4, use_ipv6; + int full_log=1; + char *host=SSL_HOST_NAME; + char *cert_file=NULL,*key_file=NULL; +@@ -613,7 +618,11 @@ + #endif + char *sess_in = NULL; + char *sess_out = NULL; +- struct sockaddr peer; ++#if OPENSSL_USE_IPV6 ++ struct sockaddr_storage peer; ++#else ++ struct sockaddr_in peer; ++#endif + int peerlen = sizeof(peer); + int enable_timeouts = 0 ; + long socket_mtu = 0; +@@ -628,6 +637,12 @@ + + meth=SSLv23_client_method(); + ++ use_ipv4 = 1; ++#if OPENSSL_USE_IPV6 ++ use_ipv6 = 1; ++#else ++ use_ipv6 = 0; ++#endif + apps_startup(); + c_Pause=0; + c_quiet=0; +@@ -949,6 +964,18 @@ + jpake_secret = *++argv; + } + #endif ++ else if (strcmp(*argv,"-4") == 0) ++ { ++ use_ipv4 = 1; ++ use_ipv6 = 0; ++ } ++#if OPENSSL_USE_IPV6 ++ else if (strcmp(*argv,"-6") == 0) ++ { ++ use_ipv4 = 0; ++ use_ipv6 = 1; ++ } ++#endif + #ifndef OPENSSL_NO_SRTP + else if (strcmp(*argv,"-use_srtp") == 0) + { +@@ -1260,7 +1287,7 @@ + + re_start: + +- if (init_client(&s,host,port,socket_type) == 0) ++ if (init_client(&s,host,port,socket_type,use_ipv4,use_ipv6) == 0) + { + BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error()); + SHUTDOWN(s); +@@ -1286,7 +1313,7 @@ + { + + sbio=BIO_new_dgram(s,BIO_NOCLOSE); +- if (getsockname(s, &peer, (void *)&peerlen) < 0) ++ if (getsockname(s, (struct sockaddr *)&peer, (void *)&peerlen) < 0) + { + BIO_printf(bio_err, "getsockname:errno=%d\n", + get_last_socket_error()); +--- openssl-1.0.1h/apps/s_server.c ++++ openssl-1.0.1h/apps/s_server.c +@@ -560,6 +560,10 @@ + BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n"); + # endif + #endif ++ BIO_printf(bio_err," -4 - use IPv4 only\n"); ++#if OPENSSL_USE_IPV6 ++ BIO_printf(bio_err," -6 - use IPv6 only\n"); ++#endif + BIO_printf(bio_err," -keymatexport label - Export keying material using label\n"); + BIO_printf(bio_err," -keymatexportlen len - Export len bytes of keying material (default 20)\n"); + } +@@ -947,6 +951,7 @@ + int state=0; + const SSL_METHOD *meth=NULL; + int socket_type=SOCK_STREAM; ++ int use_ipv4, use_ipv6; + ENGINE *e=NULL; + char *inrand=NULL; + int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM; +@@ -975,6 +980,12 @@ + #endif + meth=SSLv23_server_method(); + ++ use_ipv4 = 1; ++#if OPENSSL_USE_IPV6 ++ use_ipv6 = 1; ++#else ++ use_ipv6 = 0; ++#endif + local_argc=argc; + local_argv=argv; + +@@ -1323,6 +1334,18 @@ + jpake_secret = *(++argv); + } + #endif ++ else if (strcmp(*argv,"-4") == 0) ++ { ++ use_ipv4 = 1; ++ use_ipv6 = 0; ++ } ++#if OPENSSL_USE_IPV6 ++ else if (strcmp(*argv,"-6") == 0) ++ { ++ use_ipv4 = 0; ++ use_ipv6 = 1; ++ } ++#endif + #ifndef OPENSSL_NO_SRTP + else if (strcmp(*argv,"-use_srtp") == 0) + { +@@ -1881,9 +1904,9 @@ + BIO_printf(bio_s_out,"ACCEPT\n"); + (void)BIO_flush(bio_s_out); + if (www) +- do_server(port,socket_type,&accept_socket,www_body, context); ++ do_server(port,socket_type,&accept_socket,www_body, context, use_ipv4, use_ipv6); + else +- do_server(port,socket_type,&accept_socket,sv_body, context); ++ do_server(port,socket_type,&accept_socket,sv_body, context, use_ipv4, use_ipv6); + print_stats(bio_s_out,ctx); + ret=0; + end: +--- openssl-1.0.1h/apps/s_socket.c ++++ openssl-1.0.1h/apps/s_socket.c +@@ -97,16 +97,16 @@ + #include "netdb.h" + #endif + +-static struct hostent *GetHostByName(char *name); ++static struct hostent *GetHostByName(char *name, int domain); + #if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)) + static void ssl_sock_cleanup(void); + #endif + static int ssl_sock_init(void); +-static int init_client_ip(int *sock,unsigned char ip[4], int port, int type); +-static int init_server(int *sock, int port, int type); +-static int init_server_long(int *sock, int port,char *ip, int type); ++static int init_client_ip(int *sock,unsigned char *ip, int port, int type, int domain); ++static int init_server(int *sock, int port, int type, int use_ipv4, int use_ipv6); ++static int init_server_long(int *sock, int port,char *ip, int type, int use_ipv4, int use_ipv6); + static int do_accept(int acc_sock, int *sock, char **host); +-static int host_ip(char *str, unsigned char ip[4]); ++static int host_ip(char *str, unsigned char *ip, int domain); + + #ifdef OPENSSL_SYS_WIN16 + #define SOCKET_PROTOCOL 0 /* more microsoft stupidity */ +@@ -234,38 +234,68 @@ + return(1); + } + +-int init_client(int *sock, char *host, int port, int type) ++int init_client(int *sock, char *host, int port, int type, int use_ipv4, int use_ipv6) + { ++#if OPENSSL_USE_IPV6 ++ unsigned char ip[16]; ++#else + unsigned char ip[4]; ++#endif + +- memset(ip, '\0', sizeof ip); +- if (!host_ip(host,&(ip[0]))) +- return 0; +- return init_client_ip(sock,ip,port,type); +- } +- +-static int init_client_ip(int *sock, unsigned char ip[4], int port, int type) +- { +- unsigned long addr; ++ if (use_ipv4) ++ if (host_ip(host,ip,AF_INET)) ++ return(init_client_ip(sock,ip,port,type,AF_INET)); ++#if OPENSSL_USE_IPV6 ++ if (use_ipv6) ++ if (host_ip(host,ip,AF_INET6)) ++ return(init_client_ip(sock,ip,port,type,AF_INET6)); ++#endif ++ return 0; ++ } ++ ++static int init_client_ip(int *sock, unsigned char ip[4], int port, int type, int domain) ++ { ++#if OPENSSL_USE_IPV6 ++ struct sockaddr_storage them; ++ struct sockaddr_in *them_in = (struct sockaddr_in *)&them; ++ struct sockaddr_in6 *them_in6 = (struct sockaddr_in6 *)&them; ++#else + struct sockaddr_in them; ++ struct sockaddr_in *them_in = &them; ++#endif ++ socklen_t addr_len; + int s,i; + + if (!ssl_sock_init()) return(0); + + memset((char *)&them,0,sizeof(them)); +- them.sin_family=AF_INET; +- them.sin_port=htons((unsigned short)port); +- addr=(unsigned long) +- ((unsigned long)ip[0]<<24L)| +- ((unsigned long)ip[1]<<16L)| +- ((unsigned long)ip[2]<< 8L)| +- ((unsigned long)ip[3]); +- them.sin_addr.s_addr=htonl(addr); ++ if (domain == AF_INET) ++ { ++ addr_len = (socklen_t)sizeof(struct sockaddr_in); ++ them_in->sin_family=AF_INET; ++ them_in->sin_port=htons((unsigned short)port); ++#ifndef BIT_FIELD_LIMITS ++ memcpy(&them_in->sin_addr.s_addr, ip, 4); ++#else ++ memcpy(&them_in->sin_addr, ip, 4); ++#endif ++ } ++ else ++#if OPENSSL_USE_IPV6 ++ { ++ addr_len = (socklen_t)sizeof(struct sockaddr_in6); ++ them_in6->sin6_family=AF_INET6; ++ them_in6->sin6_port=htons((unsigned short)port); ++ memcpy(&(them_in6->sin6_addr), ip, sizeof(struct in6_addr)); ++ } ++#else ++ return(0); ++#endif + + if (type == SOCK_STREAM) +- s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); ++ s=socket(domain,SOCK_STREAM,SOCKET_PROTOCOL); + else /* ( type == SOCK_DGRAM) */ +- s=socket(AF_INET,SOCK_DGRAM,IPPROTO_UDP); ++ s=socket(domain,SOCK_DGRAM,IPPROTO_UDP); + + if (s == INVALID_SOCKET) { perror("socket"); return(0); } + +@@ -277,29 +307,27 @@ + if (i < 0) { closesocket(s); perror("keepalive"); return(0); } + } + #endif +- +- if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1) ++ if (connect(s,(struct sockaddr *)&them,addr_len) == -1) + { closesocket(s); perror("connect"); return(0); } + *sock=s; + return(1); + } + +-int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context) ++int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context, int use_ipv4, int use_ipv6) + { + int sock; + char *name = NULL; + int accept_socket = 0; + int i; + +- if (!init_server(&accept_socket,port,type)) return(0); +- ++ if (!init_server(&accept_socket,port,type, use_ipv4, use_ipv6)) return(0); + if (ret != NULL) + { + *ret=accept_socket; + /* return(1);*/ + } +- for (;;) +- { ++ for (;;) ++ { + if (type==SOCK_STREAM) + { + if (do_accept(accept_socket,&sock,&name) == 0) +@@ -322,41 +350,88 @@ + } + } + +-static int init_server_long(int *sock, int port, char *ip, int type) ++static int init_server_long(int *sock, int port, char *ip, int type, int use_ipv4, int use_ipv6) + { + int ret=0; ++ int domain; ++#if OPENSSL_USE_IPV6 ++ struct sockaddr_storage server; ++ struct sockaddr_in *server_in = (struct sockaddr_in *)&server; ++ struct sockaddr_in6 *server_in6 = (struct sockaddr_in6 *)&server; ++#else + struct sockaddr_in server; ++ struct sockaddr_in *server_in = &server; ++#endif ++ socklen_t addr_len; + int s= -1; + ++ if (!use_ipv4 && !use_ipv6) ++ goto err; ++#if OPENSSL_USE_IPV6 ++ /* we are fine here */ ++#else ++ if (use_ipv6) ++ goto err; ++#endif + if (!ssl_sock_init()) return(0); + +- memset((char *)&server,0,sizeof(server)); +- server.sin_family=AF_INET; +- server.sin_port=htons((unsigned short)port); +- if (ip == NULL) +- server.sin_addr.s_addr=INADDR_ANY; +- else +-/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */ +-#ifndef BIT_FIELD_LIMITS +- memcpy(&server.sin_addr.s_addr,ip,4); ++#if OPENSSL_USE_IPV6 ++ domain = use_ipv6 ? AF_INET6 : AF_INET; + #else +- memcpy(&server.sin_addr,ip,4); ++ domain = AF_INET; + #endif +- +- if (type == SOCK_STREAM) +- s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); +- else /* type == SOCK_DGRAM */ +- s=socket(AF_INET, SOCK_DGRAM,IPPROTO_UDP); ++ if (type == SOCK_STREAM) ++ s=socket(domain,SOCK_STREAM,SOCKET_PROTOCOL); ++ else /* type == SOCK_DGRAM */ ++ s=socket(domain, SOCK_DGRAM,IPPROTO_UDP); + + if (s == INVALID_SOCKET) goto err; + #if defined SOL_SOCKET && defined SO_REUSEADDR ++ { ++ int j = 1; ++ setsockopt(s, SOL_SOCKET, SO_REUSEADDR, ++ (void *) &j, sizeof j); ++ } ++#endif ++#if OPENSSL_USE_IPV6 ++ if ((use_ipv4 == 0) && (use_ipv6 == 1)) ++ { ++ const int on = 1; ++ ++ setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, ++ (const void *) &on, sizeof(int)); ++ } ++#endif ++ if (domain == AF_INET) ++ { ++ addr_len = (socklen_t)sizeof(struct sockaddr_in); ++ memset(server_in, 0, sizeof(struct sockaddr_in)); ++ server_in->sin_family=AF_INET; ++ server_in->sin_port = htons((unsigned short)port); ++ if (ip == NULL) ++ server_in->sin_addr.s_addr = htonl(INADDR_ANY); ++ else ++/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */ ++#ifndef BIT_FIELD_LIMITS ++ memcpy(&server_in->sin_addr.s_addr, ip, 4); ++#else ++ memcpy(&server_in->sin_addr, ip, 4); ++#endif ++ } ++#if OPENSSL_USE_IPV6 ++ else + { +- int j = 1; +- setsockopt(s, SOL_SOCKET, SO_REUSEADDR, +- (void *) &j, sizeof j); ++ addr_len = (socklen_t)sizeof(struct sockaddr_in6); ++ memset(server_in6, 0, sizeof(struct sockaddr_in6)); ++ server_in6->sin6_family = AF_INET6; ++ server_in6->sin6_port = htons((unsigned short)port); ++ if (ip == NULL) ++ server_in6->sin6_addr = in6addr_any; ++ else ++ memcpy(&server_in6->sin6_addr, ip, sizeof(struct in6_addr)); + } + #endif +- if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1) ++ if (bind(s, (struct sockaddr *)&server, addr_len) == -1) + { + #ifndef OPENSSL_SYS_WINDOWS + perror("bind"); +@@ -375,16 +450,23 @@ + return(ret); + } + +-static int init_server(int *sock, int port, int type) ++static int init_server(int *sock, int port, int type, int use_ipv4, int use_ipv6) + { +- return(init_server_long(sock, port, NULL, type)); ++ return(init_server_long(sock, port, NULL, type, use_ipv4, use_ipv6)); + } + + static int do_accept(int acc_sock, int *sock, char **host) + { + int ret; + struct hostent *h1,*h2; +- static struct sockaddr_in from; ++#if OPENSSL_USE_IPV6 ++ struct sockaddr_storage from; ++ struct sockaddr_in *from_in = (struct sockaddr_in *)&from; ++ struct sockaddr_in6 *from_in6 = (struct sockaddr_in6 *)&from; ++#else ++ struct sockaddr_in from; ++ struct sockaddr_in *from_in = &from; ++#endif + int len; + /* struct linger ling; */ + +@@ -431,13 +513,23 @@ + */ + + if (host == NULL) goto end; ++#if OPENSSL_USE_IPV6 ++ if (from.ss_family == AF_INET) ++#else ++ if (from.sin_family == AF_INET) ++#endif + #ifndef BIT_FIELD_LIMITS +- /* I should use WSAAsyncGetHostByName() under windows */ +- h1=gethostbyaddr((char *)&from.sin_addr.s_addr, +- sizeof(from.sin_addr.s_addr),AF_INET); ++ /* I should use WSAAsyncGetHostByName() under windows */ ++ h1=gethostbyaddr((char *)&from_in->sin_addr.s_addr, ++ sizeof(from_in->sin_addr.s_addr), AF_INET); + #else +- h1=gethostbyaddr((char *)&from.sin_addr, +- sizeof(struct in_addr),AF_INET); ++ h1=gethostbyaddr((char *)&from_in->sin_addr, ++ sizeof(struct in_addr), AF_INET); ++#endif ++#if OPENSSL_USE_IPV6 ++ else ++ h1=gethostbyaddr((char *)&from_in6->sin6_addr, ++ sizeof(struct in6_addr), AF_INET6); + #endif + if (h1 == NULL) + { +@@ -455,16 +547,25 @@ + } + BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1); + +- h2=GetHostByName(*host); ++#if OPENSSL_USE_IPV6 ++ h2=GetHostByName(*host, from.ss_family); ++#else ++ h2=GetHostByName(*host, from.sin_family); ++#endif ++ + if (h2 == NULL) + { + BIO_printf(bio_err,"gethostbyname failure\n"); + closesocket(ret); + return(0); + } +- if (h2->h_addrtype != AF_INET) ++#if OPENSSL_USE_IPV6 ++ if (h2->h_addrtype != from.ss_family) ++#else ++ if (h2->h_addrtype != from.sin_family) ++#endif + { +- BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n"); ++ BIO_printf(bio_err,"gethostbyname addr address is not correct\n"); + closesocket(ret); + return(0); + } +@@ -480,7 +581,7 @@ + char *h,*p; + + h=str; +- p=strchr(str,':'); ++ p=strrchr(str,':'); + if (p == NULL) + { + BIO_printf(bio_err,"no port defined\n"); +@@ -488,7 +589,7 @@ + } + *(p++)='\0'; + +- if ((ip != NULL) && !host_ip(str,ip)) ++ if ((ip != NULL) && !host_ip(str,ip,AF_INET)) + goto err; + if (host_ptr != NULL) *host_ptr=h; + +@@ -499,48 +600,58 @@ + return(0); + } + +-static int host_ip(char *str, unsigned char ip[4]) ++static int host_ip(char *str, unsigned char *ip, int domain) + { +- unsigned int in[4]; ++ unsigned int in[4]; ++ unsigned long l; + int i; + +- if (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4) ++ if ((domain == AF_INET) && ++ (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4)) + { ++ + for (i=0; i<4; i++) + if (in[i] > 255) + { + BIO_printf(bio_err,"invalid IP address\n"); + goto err; + } +- ip[0]=in[0]; +- ip[1]=in[1]; +- ip[2]=in[2]; +- ip[3]=in[3]; +- } ++ l=htonl((in[0]<<24L)|(in[1]<<16L)|(in[2]<<8L)|in[3]); ++ memcpy(ip, &l, 4); ++ return 1; ++ } ++#if OPENSSL_USE_IPV6 ++ else if ((domain == AF_INET6) && ++ (inet_pton(AF_INET6, str, ip) == 1)) ++ return 1; ++#endif + else + { /* do a gethostbyname */ + struct hostent *he; + + if (!ssl_sock_init()) return(0); + +- he=GetHostByName(str); ++ he=GetHostByName(str,domain); + if (he == NULL) + { + BIO_printf(bio_err,"gethostbyname failure\n"); + goto err; + } + /* cast to short because of win16 winsock definition */ +- if ((short)he->h_addrtype != AF_INET) ++ if ((short)he->h_addrtype != domain) + { +- BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n"); ++ BIO_printf(bio_err,"gethostbyname addr family is not correct\n"); + return(0); + } +- ip[0]=he->h_addr_list[0][0]; +- ip[1]=he->h_addr_list[0][1]; +- ip[2]=he->h_addr_list[0][2]; +- ip[3]=he->h_addr_list[0][3]; ++ if (domain == AF_INET) ++ memset(ip, 0, 4); ++#if OPENSSL_USE_IPV6 ++ else ++ memset(ip, 0, 16); ++#endif ++ memcpy(ip, he->h_addr_list[0], he->h_length); ++ return 1; + } +- return(1); + err: + return(0); + } +@@ -577,7 +688,7 @@ + static unsigned long ghbn_hits=0L; + static unsigned long ghbn_miss=0L; + +-static struct hostent *GetHostByName(char *name) ++static struct hostent *GetHostByName(char *name, int domain) + { + struct hostent *ret; + int i,lowi=0; +@@ -592,14 +703,20 @@ + } + if (ghbn_cache[i].order > 0) + { +- if (strncmp(name,ghbn_cache[i].name,128) == 0) ++ if ((strncmp(name,ghbn_cache[i].name,128) == 0) && ++ (ghbn_cache[i].ent.h_addrtype == domain)) + break; + } + } + if (i == GHBN_NUM) /* no hit*/ + { + ghbn_miss++; +- ret=gethostbyname(name); ++ if (domain == AF_INET) ++ ret=gethostbyname(name); ++#if OPENSSL_USE_IPV6 ++ else ++ ret=gethostbyname2(name, AF_INET6); ++#endif + if (ret == NULL) return(NULL); + /* else add to cache */ + if(strlen(name) < sizeof ghbn_cache[0].name) diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1l-CVE-2015-0286.patch b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1l-CVE-2015-0286.patch new file mode 100644 index 0000000000..811f573a11 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1l-CVE-2015-0286.patch @@ -0,0 +1,356 @@ +--- openssl-1.0.1l/crypto/asn1/a_type.c ++++ openssl-1.0.1l/crypto/asn1/a_type.c +@@ -124,6 +124,9 @@ + case V_ASN1_OBJECT: + result = OBJ_cmp(a->value.object, b->value.object); + break; ++ case V_ASN1_BOOLEAN: ++ result = a->value.boolean - b->value.boolean; ++ break; + case V_ASN1_NULL: + result = 0; /* They do not have content. */ + break; +--- openssl-1.0.1l/crypto/asn1/tasn_dec.c ++++ openssl-1.0.1l/crypto/asn1/tasn_dec.c +@@ -130,11 +130,17 @@ + { + ASN1_TLC c; + ASN1_VALUE *ptmpval = NULL; +- if (!pval) +- pval = &ptmpval; + asn1_tlc_clear_nc(&c); +- if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0) +- return *pval; ++ if (pval && *pval && it->itype == ASN1_ITYPE_PRIMITIVE) ++ ptmpval = *pval; ++ if (ASN1_item_ex_d2i(&ptmpval, in, len, it, -1, 0, 0, &c) > 0) { ++ if (pval && it->itype != ASN1_ITYPE_PRIMITIVE) { ++ if (*pval) ++ ASN1_item_free(*pval, it); ++ *pval = ptmpval; ++ } ++ return ptmpval; ++ } + return NULL; + } + +@@ -311,9 +317,16 @@ + if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) + goto auxerr; + +- /* Allocate structure */ +- if (!*pval && !ASN1_item_ex_new(pval, it)) +- { ++ if (*pval) { ++ /* Free up and zero CHOICE value if initialised */ ++ i = asn1_get_choice_selector(pval, it); ++ if ((i >= 0) && (i < it->tcount)) { ++ tt = it->templates + i; ++ pchptr = asn1_get_field_ptr(pval, tt); ++ ASN1_template_free(pchptr, tt); ++ asn1_set_choice_selector(pval, -1, it); ++ } ++ } else if (!ASN1_item_ex_new(pval, it)) { + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, + ERR_R_NESTED_ASN1_ERROR); + goto err; +@@ -407,6 +420,17 @@ + if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) + goto auxerr; + ++ /* Free up and zero any ADB found */ ++ for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) { ++ if (tt->flags & ASN1_TFLG_ADB_MASK) { ++ const ASN1_TEMPLATE *seqtt; ++ ASN1_VALUE **pseqval; ++ seqtt = asn1_do_adb(pval, tt, 1); ++ pseqval = asn1_get_field_ptr(pval, seqtt); ++ ASN1_template_free(pseqval, seqtt); ++ } ++ } ++ + /* Get each field entry */ + for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) + { +--- openssl-1.0.1l/crypto/pkcs7/pk7_doit.c ++++ openssl-1.0.1l/crypto/pkcs7/pk7_doit.c +@@ -272,6 +272,25 @@ + PKCS7_RECIP_INFO *ri=NULL; + ASN1_OCTET_STRING *os=NULL; + ++ if (p7 == NULL) { ++ PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_INVALID_NULL_POINTER); ++ return NULL; ++ } ++ /* ++ * The content field in the PKCS7 ContentInfo is optional, but that really ++ * only applies to inner content (precisely, detached signatures). ++ * ++ * When reading content, missing outer content is therefore treated as an ++ * error. ++ * ++ * When creating content, PKCS7_content_new() must be called before ++ * calling this method, so a NULL p7->d is always an error. ++ */ ++ if (p7->d.ptr == NULL) { ++ PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_NO_CONTENT); ++ return NULL; ++ } ++ + i=OBJ_obj2nid(p7->type); + p7->state=PKCS7_S_HEADER; + +@@ -433,6 +452,16 @@ + unsigned char *ek = NULL, *tkey = NULL; + int eklen = 0, tkeylen = 0; + ++ if (p7 == NULL) { ++ PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_INVALID_NULL_POINTER); ++ return NULL; ++ } ++ ++ if (p7->d.ptr == NULL) { ++ PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_NO_CONTENT); ++ return NULL; ++ } ++ + i=OBJ_obj2nid(p7->type); + p7->state=PKCS7_S_HEADER; + +@@ -752,6 +781,16 @@ + STACK_OF(PKCS7_SIGNER_INFO) *si_sk=NULL; + ASN1_OCTET_STRING *os=NULL; + ++ if (p7 == NULL) { ++ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_INVALID_NULL_POINTER); ++ return 0; ++ } ++ ++ if (p7->d.ptr == NULL) { ++ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_NO_CONTENT); ++ return 0; ++ } ++ + EVP_MD_CTX_init(&ctx_tmp); + i=OBJ_obj2nid(p7->type); + p7->state=PKCS7_S_HEADER; +@@ -796,6 +835,7 @@ + /* If detached data then the content is excluded */ + if(PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) { + M_ASN1_OCTET_STRING_free(os); ++ os = NULL; + p7->d.sign->contents->d.data = NULL; + } + break; +@@ -806,6 +846,7 @@ + if(PKCS7_type_is_data(p7->d.digest->contents) && p7->detached) + { + M_ASN1_OCTET_STRING_free(os); ++ os = NULL; + p7->d.digest->contents->d.data = NULL; + } + break; +@@ -878,24 +919,31 @@ + M_ASN1_OCTET_STRING_set(p7->d.digest->digest, md_data, md_len); + } + +- if (!PKCS7_is_detached(p7) && !(os->flags & ASN1_STRING_FLAG_NDEF)) +- { ++ if (!PKCS7_is_detached(p7)) { ++ /* ++ * NOTE(emilia): I think we only reach os == NULL here because detached ++ * digested data support is broken. ++ */ ++ if (os == NULL) ++ goto err; ++ if (!(os->flags & ASN1_STRING_FLAG_NDEF)) { + char *cont; + long contlen; +- btmp=BIO_find_type(bio,BIO_TYPE_MEM); +- if (btmp == NULL) +- { +- PKCS7err(PKCS7_F_PKCS7_DATAFINAL,PKCS7_R_UNABLE_TO_FIND_MEM_BIO); +- goto err; +- } ++ btmp = BIO_find_type(bio, BIO_TYPE_MEM); ++ if (btmp == NULL) { ++ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_UNABLE_TO_FIND_MEM_BIO); ++ goto err; ++ } + contlen = BIO_get_mem_data(btmp, &cont); +- /* Mark the BIO read only then we can use its copy of the data ++ /* ++ * Mark the BIO read only then we can use its copy of the data + * instead of making an extra copy. + */ + BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY); + BIO_set_mem_eof_return(btmp, 0); + ASN1_STRING_set0(os, (unsigned char *)cont, contlen); +- } ++ } ++ } + ret=1; + err: + EVP_MD_CTX_cleanup(&ctx_tmp); +@@ -971,6 +1019,16 @@ + STACK_OF(X509) *cert; + X509 *x509; + ++ if (p7 == NULL) { ++ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_INVALID_NULL_POINTER); ++ return 0; ++ } ++ ++ if (p7->d.ptr == NULL) { ++ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_NO_CONTENT); ++ return 0; ++ } ++ + if (PKCS7_type_is_signed(p7)) + { + cert=p7->d.sign->cert; +--- openssl-1.0.1l/crypto/pkcs7/pk7_lib.c ++++ openssl-1.0.1l/crypto/pkcs7/pk7_lib.c +@@ -71,6 +71,7 @@ + + switch (cmd) + { ++ /* NOTE(emilia): does not support detached digested data. */ + case PKCS7_OP_SET_DETACHED_SIGNATURE: + if (nid == NID_pkcs7_signed) + { +@@ -459,6 +460,8 @@ + + STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7) + { ++ if (p7 == NULL || p7->d.ptr == NULL) ++ return NULL; + if (PKCS7_type_is_signed(p7)) + { + return(p7->d.sign->signer_info); +--- openssl-1.0.1l/doc/crypto/d2i_X509.pod ++++ openssl-1.0.1l/doc/crypto/d2i_X509.pod +@@ -199,6 +199,12 @@ + persist if they are not present in the new one. As a result the use + of this "reuse" behaviour is strongly discouraged. + ++Current versions of OpenSSL will not modify B<*px> if an error occurs. ++If parsing succeeds then B<*px> is freed (if it is not NULL) and then ++set to the value of the newly decoded structure. As a result B<*px> ++B be allocated on the stack or an attempt will be made to ++free an invalid pointer. ++ + i2d_X509() will not return an error in many versions of OpenSSL, + if mandatory fields are not initialized due to a programming error + then the encoded structure may contain invalid data or omit the +@@ -210,7 +216,9 @@ + + d2i_X509(), d2i_X509_bio() and d2i_X509_fp() return a valid B structure + or B if an error occurs. The error code that can be obtained by +-L. ++L. If the "reuse" capability has been used ++with a valid X509 structure being passed in via B then the object is not ++modified in the event of error. + + i2d_X509() returns the number of bytes successfully encoded or a negative + value if an error occurs. The error code can be obtained by +--- openssl-1.0.1l/ssl/s2_lib.c ++++ openssl-1.0.1l/ssl/s2_lib.c +@@ -488,7 +488,7 @@ + + OPENSSL_assert(s->session->master_key_length >= 0 + && s->session->master_key_length +- < (int)sizeof(s->session->master_key)); ++ <= (int)sizeof(s->session->master_key)); + EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_key_length); + EVP_DigestUpdate(&ctx,&c,1); + c++; +--- openssl-1.0.1l/ssl/s2_srvr.c ++++ openssl-1.0.1l/ssl/s2_srvr.c +@@ -454,10 +454,6 @@ + SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_NO_PRIVATEKEY); + return(-1); + } +- i=ssl_rsa_private_decrypt(s->cert,s->s2->tmp.enc, +- &(p[s->s2->tmp.clear]),&(p[s->s2->tmp.clear]), +- (s->s2->ssl2_rollback)?RSA_SSLV23_PADDING:RSA_PKCS1_PADDING); +- + is_export=SSL_C_IS_EXPORT(s->session->cipher); + + if (!ssl_cipher_get_evp(s->session,&c,&md,NULL,NULL,NULL)) +@@ -475,21 +471,59 @@ + else + ek=5; + ++ /* ++ * The format of the CLIENT-MASTER-KEY message is ++ * 1 byte message type ++ * 3 bytes cipher ++ * 2-byte clear key length (stored in s->s2->tmp.clear) ++ * 2-byte encrypted key length (stored in s->s2->tmp.enc) ++ * 2-byte key args length (IV etc) ++ * clear key ++ * encrypted key ++ * key args ++ * ++ * If the cipher is an export cipher, then the encrypted key bytes ++ * are a fixed portion of the total key (5 or 8 bytes). The size of ++ * this portion is in |ek|. If the cipher is not an export cipher, ++ * then the entire key material is encrypted (i.e., clear key length ++ * must be zero). ++ */ ++ if ((!is_export && s->s2->tmp.clear != 0) || ++ (is_export && s->s2->tmp.clear + ek != EVP_CIPHER_key_length(c))) { ++ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); ++ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_BAD_LENGTH); ++ return -1; ++ } ++ /* ++ * The encrypted blob must decrypt to the encrypted portion of the key. ++ * Decryption can't be expanding, so if we don't have enough encrypted ++ * bytes to fit the key in the buffer, stop now. ++ */ ++ if ((is_export && s->s2->tmp.enc < ek) || ++ (!is_export && s->s2->tmp.enc < EVP_CIPHER_key_length(c))) { ++ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); ++ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_LENGTH_TOO_SHORT); ++ return -1; ++ } ++ ++ i = ssl_rsa_private_decrypt(s->cert, s->s2->tmp.enc, ++ &(p[s->s2->tmp.clear]), ++ &(p[s->s2->tmp.clear]), ++ (s->s2->ssl2_rollback) ? RSA_SSLV23_PADDING : ++ RSA_PKCS1_PADDING); ++ + /* bad decrypt */ + #if 1 + /* If a bad decrypt, continue with protocol but with a + * random master secret (Bleichenbacher attack) */ +- if ((i < 0) || +- ((!is_export && (i != EVP_CIPHER_key_length(c))) +- || (is_export && ((i != ek) || (s->s2->tmp.clear+(unsigned int)i != +- (unsigned int)EVP_CIPHER_key_length(c)))))) +- { ++ if ((i < 0) || ((!is_export && i != EVP_CIPHER_key_length(c)) ++ || (is_export && i != ek))) { + ERR_clear_error(); + if (is_export) + i=ek; + else + i=EVP_CIPHER_key_length(c); +- if (RAND_pseudo_bytes(p,i) <= 0) ++ if (RAND_pseudo_bytes(&p[s->s2->tmp.clear], i) <= 0) + return 0; + } + #else +@@ -513,7 +547,8 @@ + } + #endif + +- if (is_export) i+=s->s2->tmp.clear; ++ if (is_export) ++ i = EVP_CIPHER_key_length(c); + + if (i > SSL_MAX_MASTER_KEY_LENGTH) + { diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1m-parallel-build.patch b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1m-parallel-build.patch new file mode 100644 index 0000000000..db92b79f6a --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1m-parallel-build.patch @@ -0,0 +1,364 @@ +http://rt.openssl.org/Ticket/Display.html?id=2084 + +--- openssl-1.0.1m/crypto/Makefile ++++ openssl-1.0.1m/crypto/Makefile +@@ -85,11 +85,11 @@ + @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi + + subdirs: +- @target=all; $(RECURSIVE_MAKE) ++ +@target=all; $(RECURSIVE_MAKE) + + files: + $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO +- @target=files; $(RECURSIVE_MAKE) ++ +@target=files; $(RECURSIVE_MAKE) + + links: + @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER) +@@ -100,7 +100,7 @@ + # lib: $(LIB): are splitted to avoid end-less loop + lib: $(LIB) + @touch lib +-$(LIB): $(LIBOBJ) ++$(LIB): $(LIBOBJ) | subdirs + $(AR) $(LIB) $(LIBOBJ) + [ -z "$(FIPSLIBDIR)" ] || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o + $(RANLIB) $(LIB) || echo Never mind. +@@ -111,7 +111,7 @@ + fi + + libs: +- @target=lib; $(RECURSIVE_MAKE) ++ +@target=lib; $(RECURSIVE_MAKE) + + install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... +@@ -120,7 +120,7 @@ + (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ + chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ + done; +- @target=install; $(RECURSIVE_MAKE) ++ +@target=install; $(RECURSIVE_MAKE) + + lint: + @target=lint; $(RECURSIVE_MAKE) +--- openssl-1.0.1m/crypto/objects/Makefile ++++ openssl-1.0.1m/crypto/objects/Makefile +@@ -44,11 +44,11 @@ + # objects.pl both reads and writes obj_mac.num + obj_mac.h: objects.pl objects.txt obj_mac.num + $(PERL) objects.pl objects.txt obj_mac.num obj_mac.h +- @sleep 1; touch obj_mac.h; sleep 1 + +-obj_xref.h: objxref.pl obj_xref.txt obj_mac.num ++# This doesn't really need obj_mac.h, but since that rule reads & writes ++# obj_mac.num, we can't run in parallel with it. ++obj_xref.h: objxref.pl obj_xref.txt obj_mac.num obj_mac.h + $(PERL) objxref.pl obj_mac.num obj_xref.txt > obj_xref.h +- @sleep 1; touch obj_xref.h; sleep 1 + + files: + $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO +--- openssl-1.0.1m/engines/Makefile ++++ openssl-1.0.1m/engines/Makefile +@@ -72,7 +72,7 @@ + + all: lib subdirs + +-lib: $(LIBOBJ) ++lib: $(LIBOBJ) | subdirs + @if [ -n "$(SHARED_LIBS)" ]; then \ + set -e; \ + for l in $(LIBNAMES); do \ +@@ -89,7 +89,7 @@ + + subdirs: + echo $(EDIRS) +- @target=all; $(RECURSIVE_MAKE) ++ +@target=all; $(RECURSIVE_MAKE) + + files: + $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO +@@ -128,7 +128,7 @@ + mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ + done; \ + fi +- @target=install; $(RECURSIVE_MAKE) ++ +@target=install; $(RECURSIVE_MAKE) + + tags: + ctags $(SRC) +--- openssl-1.0.1m/Makefile.org ++++ openssl-1.0.1m/Makefile.org +@@ -273,17 +273,17 @@ + build_libs: build_crypto build_ssl build_engines + + build_crypto: +- @dir=crypto; target=all; $(BUILD_ONE_CMD) +-build_ssl: +- @dir=ssl; target=all; $(BUILD_ONE_CMD) +-build_engines: +- @dir=engines; target=all; $(BUILD_ONE_CMD) +-build_apps: +- @dir=apps; target=all; $(BUILD_ONE_CMD) +-build_tests: +- @dir=test; target=all; $(BUILD_ONE_CMD) +-build_tools: +- @dir=tools; target=all; $(BUILD_ONE_CMD) ++ +@dir=crypto; target=all; $(BUILD_ONE_CMD) ++build_ssl: build_crypto ++ +@dir=ssl; target=all; $(BUILD_ONE_CMD) ++build_engines: build_crypto ++ +@dir=engines; target=all; $(BUILD_ONE_CMD) ++build_apps: build_libs ++ +@dir=apps; target=all; $(BUILD_ONE_CMD) ++build_tests: build_libs ++ +@dir=test; target=all; $(BUILD_ONE_CMD) ++build_tools: build_libs ++ +@dir=tools; target=all; $(BUILD_ONE_CMD) + + all_testapps: build_libs build_testapps + build_testapps: +@@ -538,9 +538,9 @@ + dist_pem_h: + (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean) + +-install: all install_docs install_sw ++install: install_docs install_sw + +-install_sw: ++install_dirs: + @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \ + $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \ + $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \ +@@ -549,12 +549,19 @@ + $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \ + $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \ + $(INSTALL_PREFIX)$(OPENSSLDIR)/private ++ @$(PERL) $(TOP)/util/mkdir-p.pl \ ++ $(INSTALL_PREFIX)$(MANDIR)/man1 \ ++ $(INSTALL_PREFIX)$(MANDIR)/man3 \ ++ $(INSTALL_PREFIX)$(MANDIR)/man5 \ ++ $(INSTALL_PREFIX)$(MANDIR)/man7 ++ ++install_sw: install_dirs + @set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\ + do \ + (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ + chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ + done; +- @set -e; target=install; $(RECURSIVE_BUILD_CMD) ++ +@set -e; target=install; $(RECURSIVE_BUILD_CMD) + @set -e; liblist="$(LIBS)"; for i in $$liblist ;\ + do \ + if [ -f "$$i" ]; then \ +@@ -634,12 +641,7 @@ + done; \ + done + +-install_docs: +- @$(PERL) $(TOP)/util/mkdir-p.pl \ +- $(INSTALL_PREFIX)$(MANDIR)/man1 \ +- $(INSTALL_PREFIX)$(MANDIR)/man3 \ +- $(INSTALL_PREFIX)$(MANDIR)/man5 \ +- $(INSTALL_PREFIX)$(MANDIR)/man7 ++install_docs: install_dirs + @pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \ + here="`pwd`"; \ + filecase=; \ +--- openssl-1.0.1m/Makefile.shared ++++ openssl-1.0.1m/Makefile.shared +@@ -105,6 +105,7 @@ + SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \ + LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \ + LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \ ++ [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \ + LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \ + $${SHAREDCMD} $${SHAREDFLAGS} \ + -o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \ +@@ -122,6 +123,7 @@ + done; \ + fi; \ + if [ -n "$$SHLIB_SOVER" ]; then \ ++ [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \ + ( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \ + ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \ + fi; \ +--- openssl-1.0.1m/test/Makefile ++++ openssl-1.0.1m/test/Makefile +@@ -130,7 +130,7 @@ + tags: + ctags $(SRC) + +-tests: exe apps $(TESTS) ++tests: exe $(TESTS) + + apps: + @(cd ..; $(MAKE) DIRS=apps all) +@@ -388,118 +388,118 @@ + link_app.$${shlib_target} + + $(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO) +- @target=$(RSATEST); $(BUILD_CMD) ++ +@target=$(RSATEST); $(BUILD_CMD) + + $(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO) +- @target=$(BNTEST); $(BUILD_CMD) ++ +@target=$(BNTEST); $(BUILD_CMD) + + $(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO) +- @target=$(ECTEST); $(BUILD_CMD) ++ +@target=$(ECTEST); $(BUILD_CMD) + + $(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO) +- @target=$(EXPTEST); $(BUILD_CMD) ++ +@target=$(EXPTEST); $(BUILD_CMD) + + $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO) +- @target=$(IDEATEST); $(BUILD_CMD) ++ +@target=$(IDEATEST); $(BUILD_CMD) + + $(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO) +- @target=$(MD2TEST); $(BUILD_CMD) ++ +@target=$(MD2TEST); $(BUILD_CMD) + + $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO) +- @target=$(SHATEST); $(BUILD_CMD) ++ +@target=$(SHATEST); $(BUILD_CMD) + + $(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO) +- @target=$(SHA1TEST); $(BUILD_CMD) ++ +@target=$(SHA1TEST); $(BUILD_CMD) + + $(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO) +- @target=$(SHA256TEST); $(BUILD_CMD) ++ +@target=$(SHA256TEST); $(BUILD_CMD) + + $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO) +- @target=$(SHA512TEST); $(BUILD_CMD) ++ +@target=$(SHA512TEST); $(BUILD_CMD) + + $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO) +- @target=$(RMDTEST); $(BUILD_CMD) ++ +@target=$(RMDTEST); $(BUILD_CMD) + + $(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO) +- @target=$(MDC2TEST); $(BUILD_CMD) ++ +@target=$(MDC2TEST); $(BUILD_CMD) + + $(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO) +- @target=$(MD4TEST); $(BUILD_CMD) ++ +@target=$(MD4TEST); $(BUILD_CMD) + + $(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO) +- @target=$(MD5TEST); $(BUILD_CMD) ++ +@target=$(MD5TEST); $(BUILD_CMD) + + $(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO) +- @target=$(HMACTEST); $(BUILD_CMD) ++ +@target=$(HMACTEST); $(BUILD_CMD) + + $(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO) +- @target=$(WPTEST); $(BUILD_CMD) ++ +@target=$(WPTEST); $(BUILD_CMD) + + $(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO) +- @target=$(RC2TEST); $(BUILD_CMD) ++ +@target=$(RC2TEST); $(BUILD_CMD) + + $(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO) +- @target=$(BFTEST); $(BUILD_CMD) ++ +@target=$(BFTEST); $(BUILD_CMD) + + $(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO) +- @target=$(CASTTEST); $(BUILD_CMD) ++ +@target=$(CASTTEST); $(BUILD_CMD) + + $(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO) +- @target=$(RC4TEST); $(BUILD_CMD) ++ +@target=$(RC4TEST); $(BUILD_CMD) + + $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO) +- @target=$(RC5TEST); $(BUILD_CMD) ++ +@target=$(RC5TEST); $(BUILD_CMD) + + $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO) +- @target=$(DESTEST); $(BUILD_CMD) ++ +@target=$(DESTEST); $(BUILD_CMD) + + $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO) +- @target=$(RANDTEST); $(BUILD_CMD) ++ +@target=$(RANDTEST); $(BUILD_CMD) + + $(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO) +- @target=$(DHTEST); $(BUILD_CMD) ++ +@target=$(DHTEST); $(BUILD_CMD) + + $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO) +- @target=$(DSATEST); $(BUILD_CMD) ++ +@target=$(DSATEST); $(BUILD_CMD) + + $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO) +- @target=$(METHTEST); $(BUILD_CMD) ++ +@target=$(METHTEST); $(BUILD_CMD) + + $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) +- @target=$(SSLTEST); $(FIPS_BUILD_CMD) ++ +@target=$(SSLTEST); $(FIPS_BUILD_CMD) + + $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO) +- @target=$(ENGINETEST); $(BUILD_CMD) ++ +@target=$(ENGINETEST); $(BUILD_CMD) + + $(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO) +- @target=$(EVPTEST); $(BUILD_CMD) ++ +@target=$(EVPTEST); $(BUILD_CMD) + + $(EVPEXTRATEST)$(EXE_EXT): $(EVPEXTRATEST).o $(DLIBCRYPTO) +- @target=$(EVPEXTRATEST); $(BUILD_CMD) ++ +@target=$(EVPEXTRATEST); $(BUILD_CMD) + + $(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO) +- @target=$(ECDSATEST); $(BUILD_CMD) ++ +@target=$(ECDSATEST); $(BUILD_CMD) + + $(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO) +- @target=$(ECDHTEST); $(BUILD_CMD) ++ +@target=$(ECDHTEST); $(BUILD_CMD) + + $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO) +- @target=$(IGETEST); $(BUILD_CMD) ++ +@target=$(IGETEST); $(BUILD_CMD) + + $(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO) +- @target=$(JPAKETEST); $(BUILD_CMD) ++ +@target=$(JPAKETEST); $(BUILD_CMD) + + $(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO) +- @target=$(ASN1TEST); $(BUILD_CMD) ++ +@target=$(ASN1TEST); $(BUILD_CMD) + + $(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO) +- @target=$(SRPTEST); $(BUILD_CMD) ++ +@target=$(SRPTEST); $(BUILD_CMD) + + $(HEARTBEATTEST)$(EXE_EXT): $(HEARTBEATTEST).o $(DLIBCRYPTO) +- @target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC) ++ +@target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC) + + $(CONSTTIMETEST)$(EXE_EXT): $(CONSTTIMETEST).o +- @target=$(CONSTTIMETEST) $(BUILD_CMD) ++ +@target=$(CONSTTIMETEST) $(BUILD_CMD) + + #$(AESTEST).o: $(AESTEST).c + # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c +@@ -512,7 +512,7 @@ + # fi + + dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO) +- @target=dummytest; $(BUILD_CMD) ++ +@target=dummytest; $(BUILD_CMD) + + # DO NOT DELETE THIS LINE -- make depend depends on it. + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1m-s_client-verify.patch b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1m-s_client-verify.patch new file mode 100644 index 0000000000..8aa29e488f --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1m-s_client-verify.patch @@ -0,0 +1,21 @@ +https://bugs.gentoo.org/472584 +http://rt.openssl.org/Ticket/Display.html?id=2387&user=guest&pass=guest + +fix verification handling in s_client. when loading paths, make sure +we properly fallback to setting the default paths. + +Forward-ported from openssl-1.0.1e-s_client-verify.patch + +Signed-off-by: Lars Wendler + +--- openssl-1.0.1m/apps/s_client.c ++++ openssl-1.0.1m/apps/s_client.c +@@ -1177,7 +1177,7 @@ int MAIN(int argc, char **argv) + if (!set_cert_key_stuff(ctx, cert, key)) + goto end; + +- if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) || ++ if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) && + (!SSL_CTX_set_default_verify_paths(ctx))) { + /* + * BIO_printf(bio_err,"error setting default verify locations\n"); diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1p-default-source.patch b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1p-default-source.patch deleted file mode 100644 index 73029985ae..0000000000 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1p-default-source.patch +++ /dev/null @@ -1,30 +0,0 @@ -https://bugs.gentoo.org/554338 -https://rt.openssl.org/Ticket/Display.html?id=3934&user=guest&pass=guest - -From 7c2e97f8bbae517496fdc11f475b4ae54b2534f5 Mon Sep 17 00:00:00 2001 -From: Mike Frysinger -Date: Fri, 10 Jul 2015 01:50:52 -0400 -Subject: [PATCH] test: use _DEFAULT_SOURCE with newer glibc versions - -The _BSD_SOURCE macro is replaced by the _DEFAULT_SOURCE macro. Using -just the former with newer versions leads to a build time warning, so -make sure to use the new macro too. ---- - ssl/ssltest.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/ssl/ssltest.c b/ssl/ssltest.c -index 26cf96c..b36f667 100644 ---- a/ssl/ssltest.c -+++ b/ssl/ssltest.c -@@ -141,6 +141,7 @@ - */ - - /* Or gethostname won't be declared properly on Linux and GNU platforms. */ -+#define _DEFAULT_SOURCE 1 - #define _BSD_SOURCE 1 - - #include --- -2.4.4 - diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0209.patch b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0209.patch new file mode 100644 index 0000000000..6d396b42be --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0209.patch @@ -0,0 +1,49 @@ +https://bugs.gentoo.org/541502 + +From 1b4a8df38fc9ab3c089ca5765075ee53ec5bd66a Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Mon, 9 Feb 2015 11:38:41 +0000 +Subject: [PATCH] Fix a failure to NULL a pointer freed on error. +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Inspired by BoringSSL commit 517073cd4b by Eric Roman + +CVE-2015-0209 + +Reviewed-by: Emilia Käsper +--- + crypto/ec/ec_asn1.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c +index 30b7df4..d3e8316 100644 +--- a/crypto/ec/ec_asn1.c ++++ b/crypto/ec/ec_asn1.c +@@ -1014,8 +1014,6 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len) + ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE); + goto err; + } +- if (a) +- *a = ret; + } else + ret = *a; + +@@ -1067,10 +1065,12 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len) + } + } + ++ if (a) ++ *a = ret; + ok = 1; + err: + if (!ok) { +- if (ret) ++ if (ret && (a == NULL || *a != ret)) + EC_KEY_free(ret); + ret = NULL; + } +-- +2.3.1 + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0288.patch b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0288.patch new file mode 100644 index 0000000000..a6a10b0a2c --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0288.patch @@ -0,0 +1,31 @@ +https://bugs.gentoo.org/542038 + +From 28a00bcd8e318da18031b2ac8778c64147cd54f9 Mon Sep 17 00:00:00 2001 +From: "Dr. Stephen Henson" +Date: Wed, 18 Feb 2015 00:34:59 +0000 +Subject: [PATCH] Check public key is not NULL. + +CVE-2015-0288 +PR#3708 + +Reviewed-by: Matt Caswell +--- + crypto/x509/x509_req.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/crypto/x509/x509_req.c b/crypto/x509/x509_req.c +index bc6e566..01795f4 100644 +--- a/crypto/x509/x509_req.c ++++ b/crypto/x509/x509_req.c +@@ -92,6 +92,8 @@ X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md) + goto err; + + pktmp = X509_get_pubkey(x); ++ if (pktmp == NULL) ++ goto err; + i = X509_REQ_set_pubkey(ret, pktmp); + EVP_PKEY_free(pktmp); + if (!i) +-- +2.3.1 + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0291.patch b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0291.patch new file mode 100644 index 0000000000..852d06e918 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0291.patch @@ -0,0 +1,459 @@ +--- openssl-1.0.2/crypto/asn1/a_type.c ++++ openssl-1.0.2/crypto/asn1/a_type.c +@@ -119,6 +119,9 @@ + case V_ASN1_OBJECT: + result = OBJ_cmp(a->value.object, b->value.object); + break; ++ case V_ASN1_BOOLEAN: ++ result = a->value.boolean - b->value.boolean; ++ break; + case V_ASN1_NULL: + result = 0; /* They do not have content. */ + break; +--- openssl-1.0.2/crypto/asn1/tasn_dec.c ++++ openssl-1.0.2/crypto/asn1/tasn_dec.c +@@ -140,11 +140,17 @@ + { + ASN1_TLC c; + ASN1_VALUE *ptmpval = NULL; +- if (!pval) +- pval = &ptmpval; + asn1_tlc_clear_nc(&c); +- if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0) +- return *pval; ++ if (pval && *pval && it->itype == ASN1_ITYPE_PRIMITIVE) ++ ptmpval = *pval; ++ if (ASN1_item_ex_d2i(&ptmpval, in, len, it, -1, 0, 0, &c) > 0) { ++ if (pval && it->itype != ASN1_ITYPE_PRIMITIVE) { ++ if (*pval) ++ ASN1_item_free(*pval, it); ++ *pval = ptmpval; ++ } ++ return ptmpval; ++ } + return NULL; + } + +@@ -304,9 +310,16 @@ + case ASN1_ITYPE_CHOICE: + if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) + goto auxerr; +- +- /* Allocate structure */ +- if (!*pval && !ASN1_item_ex_new(pval, it)) { ++ if (*pval) { ++ /* Free up and zero CHOICE value if initialised */ ++ i = asn1_get_choice_selector(pval, it); ++ if ((i >= 0) && (i < it->tcount)) { ++ tt = it->templates + i; ++ pchptr = asn1_get_field_ptr(pval, tt); ++ ASN1_template_free(pchptr, tt); ++ asn1_set_choice_selector(pval, -1, it); ++ } ++ } else if (!ASN1_item_ex_new(pval, it)) { + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); + goto err; + } +@@ -386,6 +399,17 @@ + if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) + goto auxerr; + ++ /* Free up and zero any ADB found */ ++ for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) { ++ if (tt->flags & ASN1_TFLG_ADB_MASK) { ++ const ASN1_TEMPLATE *seqtt; ++ ASN1_VALUE **pseqval; ++ seqtt = asn1_do_adb(pval, tt, 1); ++ pseqval = asn1_get_field_ptr(pval, seqtt); ++ ASN1_template_free(pseqval, seqtt); ++ } ++ } ++ + /* Get each field entry */ + for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) { + const ASN1_TEMPLATE *seqtt; +--- openssl-1.0.2/crypto/pkcs7/pk7_doit.c ++++ openssl-1.0.2/crypto/pkcs7/pk7_doit.c +@@ -261,6 +261,25 @@ + PKCS7_RECIP_INFO *ri = NULL; + ASN1_OCTET_STRING *os = NULL; + ++ if (p7 == NULL) { ++ PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_INVALID_NULL_POINTER); ++ return NULL; ++ } ++ /* ++ * The content field in the PKCS7 ContentInfo is optional, but that really ++ * only applies to inner content (precisely, detached signatures). ++ * ++ * When reading content, missing outer content is therefore treated as an ++ * error. ++ * ++ * When creating content, PKCS7_content_new() must be called before ++ * calling this method, so a NULL p7->d is always an error. ++ */ ++ if (p7->d.ptr == NULL) { ++ PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_NO_CONTENT); ++ return NULL; ++ } ++ + i = OBJ_obj2nid(p7->type); + p7->state = PKCS7_S_HEADER; + +@@ -411,6 +430,16 @@ + unsigned char *ek = NULL, *tkey = NULL; + int eklen = 0, tkeylen = 0; + ++ if (p7 == NULL) { ++ PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_INVALID_NULL_POINTER); ++ return NULL; ++ } ++ ++ if (p7->d.ptr == NULL) { ++ PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_NO_CONTENT); ++ return NULL; ++ } ++ + i = OBJ_obj2nid(p7->type); + p7->state = PKCS7_S_HEADER; + +@@ -707,6 +736,16 @@ + STACK_OF(PKCS7_SIGNER_INFO) *si_sk = NULL; + ASN1_OCTET_STRING *os = NULL; + ++ if (p7 == NULL) { ++ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_INVALID_NULL_POINTER); ++ return 0; ++ } ++ ++ if (p7->d.ptr == NULL) { ++ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_NO_CONTENT); ++ return 0; ++ } ++ + EVP_MD_CTX_init(&ctx_tmp); + i = OBJ_obj2nid(p7->type); + p7->state = PKCS7_S_HEADER; +@@ -746,6 +785,7 @@ + /* If detached data then the content is excluded */ + if (PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) { + M_ASN1_OCTET_STRING_free(os); ++ os = NULL; + p7->d.sign->contents->d.data = NULL; + } + break; +@@ -755,6 +795,7 @@ + /* If detached data then the content is excluded */ + if (PKCS7_type_is_data(p7->d.digest->contents) && p7->detached) { + M_ASN1_OCTET_STRING_free(os); ++ os = NULL; + p7->d.digest->contents->d.data = NULL; + } + break; +@@ -820,22 +861,30 @@ + M_ASN1_OCTET_STRING_set(p7->d.digest->digest, md_data, md_len); + } + +- if (!PKCS7_is_detached(p7) && !(os->flags & ASN1_STRING_FLAG_NDEF)) { +- char *cont; +- long contlen; +- btmp = BIO_find_type(bio, BIO_TYPE_MEM); +- if (btmp == NULL) { +- PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_UNABLE_TO_FIND_MEM_BIO); +- goto err; +- } +- contlen = BIO_get_mem_data(btmp, &cont); ++ if (!PKCS7_is_detached(p7)) { + /* +- * Mark the BIO read only then we can use its copy of the data +- * instead of making an extra copy. ++ * NOTE(emilia): I think we only reach os == NULL here because detached ++ * digested data support is broken. + */ +- BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY); +- BIO_set_mem_eof_return(btmp, 0); +- ASN1_STRING_set0(os, (unsigned char *)cont, contlen); ++ if (os == NULL) ++ goto err; ++ if (!(os->flags & ASN1_STRING_FLAG_NDEF)) { ++ char *cont; ++ long contlen; ++ btmp = BIO_find_type(bio, BIO_TYPE_MEM); ++ if (btmp == NULL) { ++ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_UNABLE_TO_FIND_MEM_BIO); ++ goto err; ++ } ++ contlen = BIO_get_mem_data(btmp, &cont); ++ /* ++ * Mark the BIO read only then we can use its copy of the data ++ * instead of making an extra copy. ++ */ ++ BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY); ++ BIO_set_mem_eof_return(btmp, 0); ++ ASN1_STRING_set0(os, (unsigned char *)cont, contlen); ++ } + } + ret = 1; + err: +@@ -910,6 +959,16 @@ + STACK_OF(X509) *cert; + X509 *x509; + ++ if (p7 == NULL) { ++ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_INVALID_NULL_POINTER); ++ return 0; ++ } ++ ++ if (p7->d.ptr == NULL) { ++ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_NO_CONTENT); ++ return 0; ++ } ++ + if (PKCS7_type_is_signed(p7)) { + cert = p7->d.sign->cert; + } else if (PKCS7_type_is_signedAndEnveloped(p7)) { +--- openssl-1.0.2/crypto/pkcs7/pk7_lib.c ++++ openssl-1.0.2/crypto/pkcs7/pk7_lib.c +@@ -70,6 +70,7 @@ + nid = OBJ_obj2nid(p7->type); + + switch (cmd) { ++ /* NOTE(emilia): does not support detached digested data. */ + case PKCS7_OP_SET_DETACHED_SIGNATURE: + if (nid == NID_pkcs7_signed) { + ret = p7->detached = (int)larg; +@@ -444,6 +445,8 @@ + + STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7) + { ++ if (p7 == NULL || p7->d.ptr == NULL) ++ return NULL; + if (PKCS7_type_is_signed(p7)) { + return (p7->d.sign->signer_info); + } else if (PKCS7_type_is_signedAndEnveloped(p7)) { +--- openssl-1.0.2/crypto/rsa/rsa_ameth.c ++++ openssl-1.0.2/crypto/rsa/rsa_ameth.c +@@ -698,9 +698,10 @@ + RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_UNSUPPORTED_SIGNATURE_TYPE); + return -1; + } +- if (rsa_pss_to_ctx(ctx, NULL, sigalg, pkey)) ++ if (rsa_pss_to_ctx(ctx, NULL, sigalg, pkey) > 0) { + /* Carry on */ + return 2; ++ } + return -1; + } + +--- openssl-1.0.2/doc/crypto/d2i_X509.pod ++++ openssl-1.0.2/doc/crypto/d2i_X509.pod +@@ -207,6 +207,12 @@ + persist if they are not present in the new one. As a result the use + of this "reuse" behaviour is strongly discouraged. + ++Current versions of OpenSSL will not modify B<*px> if an error occurs. ++If parsing succeeds then B<*px> is freed (if it is not NULL) and then ++set to the value of the newly decoded structure. As a result B<*px> ++B be allocated on the stack or an attempt will be made to ++free an invalid pointer. ++ + i2d_X509() will not return an error in many versions of OpenSSL, + if mandatory fields are not initialized due to a programming error + then the encoded structure may contain invalid data or omit the +@@ -233,7 +239,9 @@ + + d2i_X509(), d2i_X509_bio() and d2i_X509_fp() return a valid B structure + or B if an error occurs. The error code that can be obtained by +-L. ++L. If the "reuse" capability has been used ++with a valid X509 structure being passed in via B then the object is not ++modified in the event of error. + + i2d_X509() returns the number of bytes successfully encoded or a negative + value if an error occurs. The error code can be obtained by +--- openssl-1.0.2/ssl/d1_lib.c ++++ openssl-1.0.2/ssl/d1_lib.c +@@ -543,6 +543,9 @@ + { + int ret; + ++ /* Ensure there is no state left over from a previous invocation */ ++ SSL_clear(s); ++ + SSL_set_options(s, SSL_OP_COOKIE_EXCHANGE); + s->d1->listen = 1; + +--- openssl-1.0.2/ssl/s2_lib.c ++++ openssl-1.0.2/ssl/s2_lib.c +@@ -493,7 +493,7 @@ + + OPENSSL_assert(s->session->master_key_length >= 0 + && s->session->master_key_length +- < (int)sizeof(s->session->master_key)); ++ <= (int)sizeof(s->session->master_key)); + EVP_DigestUpdate(&ctx, s->session->master_key, + s->session->master_key_length); + EVP_DigestUpdate(&ctx, &c, 1); +--- openssl-1.0.2/ssl/s2_srvr.c ++++ openssl-1.0.2/ssl/s2_srvr.c +@@ -454,11 +454,6 @@ + SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_PRIVATEKEY); + return (-1); + } +- i = ssl_rsa_private_decrypt(s->cert, s->s2->tmp.enc, +- &(p[s->s2->tmp.clear]), +- &(p[s->s2->tmp.clear]), +- (s->s2->ssl2_rollback) ? RSA_SSLV23_PADDING : +- RSA_PKCS1_PADDING); + + is_export = SSL_C_IS_EXPORT(s->session->cipher); + +@@ -475,23 +470,61 @@ + } else + ek = 5; + ++ /* ++ * The format of the CLIENT-MASTER-KEY message is ++ * 1 byte message type ++ * 3 bytes cipher ++ * 2-byte clear key length (stored in s->s2->tmp.clear) ++ * 2-byte encrypted key length (stored in s->s2->tmp.enc) ++ * 2-byte key args length (IV etc) ++ * clear key ++ * encrypted key ++ * key args ++ * ++ * If the cipher is an export cipher, then the encrypted key bytes ++ * are a fixed portion of the total key (5 or 8 bytes). The size of ++ * this portion is in |ek|. If the cipher is not an export cipher, ++ * then the entire key material is encrypted (i.e., clear key length ++ * must be zero). ++ */ ++ if ((!is_export && s->s2->tmp.clear != 0) || ++ (is_export && s->s2->tmp.clear + ek != EVP_CIPHER_key_length(c))) { ++ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); ++ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_BAD_LENGTH); ++ return -1; ++ } ++ /* ++ * The encrypted blob must decrypt to the encrypted portion of the key. ++ * Decryption can't be expanding, so if we don't have enough encrypted ++ * bytes to fit the key in the buffer, stop now. ++ */ ++ if ((is_export && s->s2->tmp.enc < ek) || ++ (!is_export && s->s2->tmp.enc < EVP_CIPHER_key_length(c))) { ++ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); ++ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_LENGTH_TOO_SHORT); ++ return -1; ++ } ++ ++ i = ssl_rsa_private_decrypt(s->cert, s->s2->tmp.enc, ++ &(p[s->s2->tmp.clear]), ++ &(p[s->s2->tmp.clear]), ++ (s->s2->ssl2_rollback) ? RSA_SSLV23_PADDING : ++ RSA_PKCS1_PADDING); ++ + /* bad decrypt */ + # if 1 + /* + * If a bad decrypt, continue with protocol but with a random master + * secret (Bleichenbacher attack) + */ +- if ((i < 0) || ((!is_export && (i != EVP_CIPHER_key_length(c))) +- || (is_export && ((i != ek) +- || (s->s2->tmp.clear + +- (unsigned int)i != (unsigned int) +- EVP_CIPHER_key_length(c)))))) { ++ if ((i < 0) || ((!is_export && i != EVP_CIPHER_key_length(c)) ++ || (is_export && i != ek))) { + ERR_clear_error(); + if (is_export) + i = ek; + else + i = EVP_CIPHER_key_length(c); +- if (RAND_pseudo_bytes(p, i) <= 0) ++ if (RAND_pseudo_bytes(&p[s->s2->tmp.clear], i) <= 0) + return 0; + } + # else +@@ -513,7 +546,7 @@ + # endif + + if (is_export) +- i += s->s2->tmp.clear; ++ i = EVP_CIPHER_key_length(c); + + if (i > SSL_MAX_MASTER_KEY_LENGTH) { + ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); +--- openssl-1.0.2/ssl/s3_pkt.c ++++ openssl-1.0.2/ssl/s3_pkt.c +@@ -780,7 +780,7 @@ + + i = ssl3_write_pending(s, type, &buf[tot], nw); + if (i <= 0) { +- if (i < 0) { ++ if (i < 0 && (!s->wbio || !BIO_should_retry(s->wbio))) { + OPENSSL_free(wb->buf); + wb->buf = NULL; + } +--- openssl-1.0.2/ssl/s3_srvr.c ++++ openssl-1.0.2/ssl/s3_srvr.c +@@ -2251,10 +2251,17 @@ + if (alg_k & (SSL_kEDH | SSL_kDHr | SSL_kDHd)) { + int idx = -1; + EVP_PKEY *skey = NULL; +- if (n) ++ if (n) { + n2s(p, i); +- else ++ } else { ++ if (alg_k & SSL_kDHE) { ++ al = SSL_AD_HANDSHAKE_FAILURE; ++ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ++ SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG); ++ goto f_err; ++ } + i = 0; ++ } + if (n && n != i + 2) { + if (!(s->options & SSL_OP_SSLEAY_080_CLIENT_DH_BUG)) { + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, +--- openssl-1.0.2/ssl/t1_lib.c ++++ openssl-1.0.2/ssl/t1_lib.c +@@ -2965,6 +2965,7 @@ + if (s->cert->shared_sigalgs) { + OPENSSL_free(s->cert->shared_sigalgs); + s->cert->shared_sigalgs = NULL; ++ s->cert->shared_sigalgslen = 0; + } + /* Clear certificate digests and validity flags */ + for (i = 0; i < SSL_PKEY_NUM; i++) { +@@ -3618,6 +3619,7 @@ + if (c->shared_sigalgs) { + OPENSSL_free(c->shared_sigalgs); + c->shared_sigalgs = NULL; ++ c->shared_sigalgslen = 0; + } + /* If client use client signature algorithms if not NULL */ + if (!s->server && c->client_sigalgs && !is_suiteb) { +@@ -3640,12 +3642,14 @@ + preflen = c->peer_sigalgslen; + } + nmatch = tls12_do_shared_sigalgs(NULL, pref, preflen, allow, allowlen); +- if (!nmatch) +- return 1; +- salgs = OPENSSL_malloc(nmatch * sizeof(TLS_SIGALGS)); +- if (!salgs) +- return 0; +- nmatch = tls12_do_shared_sigalgs(salgs, pref, preflen, allow, allowlen); ++ if (nmatch) { ++ salgs = OPENSSL_malloc(nmatch * sizeof(TLS_SIGALGS)); ++ if (!salgs) ++ return 0; ++ nmatch = tls12_do_shared_sigalgs(salgs, pref, preflen, allow, allowlen); ++ } else { ++ salgs = NULL; ++ } + c->shared_sigalgs = salgs; + c->shared_sigalgslen = nmatch; + return 1; diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.2-parallel-build.patch b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.2-parallel-build.patch new file mode 100644 index 0000000000..31d3f1d634 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.2-parallel-build.patch @@ -0,0 +1,354 @@ +http://rt.openssl.org/Ticket/Display.html?id=2084&user=guest&pass=guest + +--- a/Makefile.org ++++ b/Makefile.org +@@ -247,17 +247,17 @@ + build_libs: build_crypto build_ssl build_engines + + build_crypto: +- @dir=crypto; target=all; $(BUILD_ONE_CMD) ++ +@dir=crypto; target=all; $(BUILD_ONE_CMD) +-build_ssl: ++build_ssl: build_crypto +- @dir=ssl; target=all; $(BUILD_ONE_CMD) ++ +@dir=ssl; target=all; $(BUILD_ONE_CMD) +-build_engines: ++build_engines: build_crypto +- @dir=engines; target=all; $(BUILD_ONE_CMD) ++ +@dir=engines; target=all; $(BUILD_ONE_CMD) +-build_apps: ++build_apps: build_libs +- @dir=apps; target=all; $(BUILD_ONE_CMD) ++ +@dir=apps; target=all; $(BUILD_ONE_CMD) +-build_tests: ++build_tests: build_libs +- @dir=test; target=all; $(BUILD_ONE_CMD) ++ +@dir=test; target=all; $(BUILD_ONE_CMD) +-build_tools: ++build_tools: build_libs +- @dir=tools; target=all; $(BUILD_ONE_CMD) ++ +@dir=tools; target=all; $(BUILD_ONE_CMD) + + all_testapps: build_libs build_testapps + build_testapps: +@@ -497,9 +497,9 @@ + dist_pem_h: + (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean) + +-install: all install_docs install_sw ++install: install_docs install_sw + +-install_sw: ++install_dirs: + @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \ + $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \ + $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \ +@@ -508,6 +508,13 @@ + $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \ + $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \ + $(INSTALL_PREFIX)$(OPENSSLDIR)/private ++ @$(PERL) $(TOP)/util/mkdir-p.pl \ ++ $(INSTALL_PREFIX)$(MANDIR)/man1 \ ++ $(INSTALL_PREFIX)$(MANDIR)/man3 \ ++ $(INSTALL_PREFIX)$(MANDIR)/man5 \ ++ $(INSTALL_PREFIX)$(MANDIR)/man7 ++ ++install_sw: install_dirs + @set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\ + do \ + (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ +@@ -511,7 +511,7 @@ + (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ + chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ + done; +- @set -e; target=install; $(RECURSIVE_BUILD_CMD) ++ +@set -e; target=install; $(RECURSIVE_BUILD_CMD) + @set -e; liblist="$(LIBS)"; for i in $$liblist ;\ + do \ + if [ -f "$$i" ]; then \ +@@ -593,12 +600,7 @@ + done; \ + done + +-install_docs: +- @$(PERL) $(TOP)/util/mkdir-p.pl \ +- $(INSTALL_PREFIX)$(MANDIR)/man1 \ +- $(INSTALL_PREFIX)$(MANDIR)/man3 \ +- $(INSTALL_PREFIX)$(MANDIR)/man5 \ +- $(INSTALL_PREFIX)$(MANDIR)/man7 ++install_docs: install_dirs + @pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \ + here="`pwd`"; \ + filecase=; \ +--- a/Makefile.shared ++++ b/Makefile.shared +@@ -105,6 +105,7 @@ LINK_SO= \ + SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \ + LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \ + LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \ ++ [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \ + LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \ + $${SHAREDCMD} $${SHAREDFLAGS} \ + -o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \ +@@ -122,6 +124,7 @@ SYMLINK_SO= \ + done; \ + fi; \ + if [ -n "$$SHLIB_SOVER" ]; then \ ++ [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \ + ( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \ + ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \ + fi; \ +--- a/crypto/Makefile ++++ b/crypto/Makefile +@@ -85,11 +85,11 @@ + @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi + + subdirs: +- @target=all; $(RECURSIVE_MAKE) ++ +@target=all; $(RECURSIVE_MAKE) + + files: + $(PERL) $(TOP)/util/files.pl "CPUID_OBJ=$(CPUID_OBJ)" Makefile >> $(TOP)/MINFO +- @target=files; $(RECURSIVE_MAKE) ++ +@target=files; $(RECURSIVE_MAKE) + + links: + @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER) +@@ -100,7 +100,7 @@ + # lib: $(LIB): are splitted to avoid end-less loop + lib: $(LIB) + @touch lib +-$(LIB): $(LIBOBJ) ++$(LIB): $(LIBOBJ) | subdirs + $(AR) $(LIB) $(LIBOBJ) + $(RANLIB) $(LIB) || echo Never mind. + +@@ -110,7 +110,7 @@ + fi + + libs: +- @target=lib; $(RECURSIVE_MAKE) ++ +@target=lib; $(RECURSIVE_MAKE) + + install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... +@@ -119,7 +119,7 @@ + (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ + chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ + done; +- @target=install; $(RECURSIVE_MAKE) ++ +@target=install; $(RECURSIVE_MAKE) + + lint: + @target=lint; $(RECURSIVE_MAKE) +--- a/engines/Makefile ++++ b/engines/Makefile +@@ -72,7 +72,7 @@ + + all: lib subdirs + +-lib: $(LIBOBJ) ++lib: $(LIBOBJ) | subdirs + @if [ -n "$(SHARED_LIBS)" ]; then \ + set -e; \ + for l in $(LIBNAMES); do \ +@@ -89,7 +89,7 @@ + + subdirs: + echo $(EDIRS) +- @target=all; $(RECURSIVE_MAKE) ++ +@target=all; $(RECURSIVE_MAKE) + + files: + $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO +@@ -128,7 +128,7 @@ + mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ + done; \ + fi +- @target=install; $(RECURSIVE_MAKE) ++ +@target=install; $(RECURSIVE_MAKE) + + tags: + ctags $(SRC) +--- a/test/Makefile ++++ b/test/Makefile +@@ -123,7 +123,7 @@ + tags: + ctags $(SRC) + +-tests: exe apps $(TESTS) ++tests: exe $(TESTS) + + apps: + @(cd ..; $(MAKE) DIRS=apps all) +@@ -365,109 +365,109 @@ + link_app.$${shlib_target} + + $(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO) +- @target=$(RSATEST); $(BUILD_CMD) ++ +@target=$(RSATEST); $(BUILD_CMD) + + $(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO) +- @target=$(BNTEST); $(BUILD_CMD) ++ +@target=$(BNTEST); $(BUILD_CMD) + + $(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO) +- @target=$(ECTEST); $(BUILD_CMD) ++ +@target=$(ECTEST); $(BUILD_CMD) + + $(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO) +- @target=$(EXPTEST); $(BUILD_CMD) ++ +@target=$(EXPTEST); $(BUILD_CMD) + + $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO) +- @target=$(IDEATEST); $(BUILD_CMD) ++ +@target=$(IDEATEST); $(BUILD_CMD) + + $(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO) +- @target=$(MD2TEST); $(BUILD_CMD) ++ +@target=$(MD2TEST); $(BUILD_CMD) + + $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO) +- @target=$(SHATEST); $(BUILD_CMD) ++ +@target=$(SHATEST); $(BUILD_CMD) + + $(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO) +- @target=$(SHA1TEST); $(BUILD_CMD) ++ +@target=$(SHA1TEST); $(BUILD_CMD) + + $(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO) +- @target=$(SHA256TEST); $(BUILD_CMD) ++ +@target=$(SHA256TEST); $(BUILD_CMD) + + $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO) +- @target=$(SHA512TEST); $(BUILD_CMD) ++ +@target=$(SHA512TEST); $(BUILD_CMD) + + $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO) +- @target=$(RMDTEST); $(BUILD_CMD) ++ +@target=$(RMDTEST); $(BUILD_CMD) + + $(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO) +- @target=$(MDC2TEST); $(BUILD_CMD) ++ +@target=$(MDC2TEST); $(BUILD_CMD) + + $(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO) +- @target=$(MD4TEST); $(BUILD_CMD) ++ +@target=$(MD4TEST); $(BUILD_CMD) + + $(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO) +- @target=$(MD5TEST); $(BUILD_CMD) ++ +@target=$(MD5TEST); $(BUILD_CMD) + + $(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO) +- @target=$(HMACTEST); $(BUILD_CMD) ++ +@target=$(HMACTEST); $(BUILD_CMD) + + $(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO) +- @target=$(WPTEST); $(BUILD_CMD) ++ +@target=$(WPTEST); $(BUILD_CMD) + + $(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO) +- @target=$(RC2TEST); $(BUILD_CMD) ++ +@target=$(RC2TEST); $(BUILD_CMD) + + $(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO) +- @target=$(BFTEST); $(BUILD_CMD) ++ +@target=$(BFTEST); $(BUILD_CMD) + + $(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO) +- @target=$(CASTTEST); $(BUILD_CMD) ++ +@target=$(CASTTEST); $(BUILD_CMD) + + $(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO) +- @target=$(RC4TEST); $(BUILD_CMD) ++ +@target=$(RC4TEST); $(BUILD_CMD) + + $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO) +- @target=$(RC5TEST); $(BUILD_CMD) ++ +@target=$(RC5TEST); $(BUILD_CMD) + + $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO) +- @target=$(DESTEST); $(BUILD_CMD) ++ +@target=$(DESTEST); $(BUILD_CMD) + + $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO) +- @target=$(RANDTEST); $(BUILD_CMD) ++ +@target=$(RANDTEST); $(BUILD_CMD) + + $(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO) +- @target=$(DHTEST); $(BUILD_CMD) ++ +@target=$(DHTEST); $(BUILD_CMD) + + $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO) +- @target=$(DSATEST); $(BUILD_CMD) ++ +@target=$(DSATEST); $(BUILD_CMD) + + $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO) +- @target=$(METHTEST); $(BUILD_CMD) ++ +@target=$(METHTEST); $(BUILD_CMD) + + $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) +- @target=$(SSLTEST); $(FIPS_BUILD_CMD) ++ +@target=$(SSLTEST); $(FIPS_BUILD_CMD) + + $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO) +- @target=$(ENGINETEST); $(BUILD_CMD) ++ +@target=$(ENGINETEST); $(BUILD_CMD) + + $(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO) +- @target=$(EVPTEST); $(BUILD_CMD) ++ +@target=$(EVPTEST); $(BUILD_CMD) + + $(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO) +- @target=$(ECDSATEST); $(BUILD_CMD) ++ +@target=$(ECDSATEST); $(BUILD_CMD) + + $(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO) +- @target=$(ECDHTEST); $(BUILD_CMD) ++ +@target=$(ECDHTEST); $(BUILD_CMD) + + $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO) +- @target=$(IGETEST); $(BUILD_CMD) ++ +@target=$(IGETEST); $(BUILD_CMD) + + $(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO) +- @target=$(JPAKETEST); $(BUILD_CMD) ++ +@target=$(JPAKETEST); $(BUILD_CMD) + + $(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO) +- @target=$(ASN1TEST); $(BUILD_CMD) ++ +@target=$(ASN1TEST); $(BUILD_CMD) + + $(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO) +- @target=$(SRPTEST); $(BUILD_CMD) ++ +@target=$(SRPTEST); $(BUILD_CMD) + + #$(AESTEST).o: $(AESTEST).c + # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c +@@ -480,7 +480,7 @@ + # fi + + dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO) +- @target=dummytest; $(BUILD_CMD) ++ +@target=dummytest; $(BUILD_CMD) + + # DO NOT DELETE THIS LINE -- make depend depends on it. + +--- a/crypto/objects/Makefile ++++ b/crypto/objects/Makefile +@@ -44,11 +44,11 @@ obj_dat.h: obj_dat.pl obj_mac.h + # objects.pl both reads and writes obj_mac.num + obj_mac.h: objects.pl objects.txt obj_mac.num + $(PERL) objects.pl objects.txt obj_mac.num obj_mac.h +- @sleep 1; touch obj_mac.h; sleep 1 + +-obj_xref.h: objxref.pl obj_xref.txt obj_mac.num ++# This doesn't really need obj_mac.h, but since that rule reads & writes ++# obj_mac.num, we can't run in parallel with it. ++obj_xref.h: objxref.pl obj_xref.txt obj_mac.num obj_mac.h + $(PERL) objxref.pl obj_mac.num obj_xref.txt > obj_xref.h +- @sleep 1; touch obj_xref.h; sleep 1 + + files: + $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.2a-parallel-symlinking.patch b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.2a-parallel-symlinking.patch index f2be696b10..d894f2c87e 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.2a-parallel-symlinking.patch +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.2a-parallel-symlinking.patch @@ -1,5 +1,3 @@ -https://rt.openssl.org/Ticket/Display.html?id=3780&user=guest&pass=guest - From cc81af135bda47eaa6956a0329cbbc55bf993ac1 Mon Sep 17 00:00:00 2001 From: Mike Frysinger Date: Fri, 3 Apr 2015 01:16:23 -0400 diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8z_p5-r1.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8z_p5-r1.ebuild new file mode 100644 index 0000000000..cb2bb37e6a --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8z_p5-r1.ebuild @@ -0,0 +1,161 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-0.9.8z_p5-r1.ebuild,v 1.3 2015/03/19 17:55:24 ulm Exp $ + +# this ebuild is only for the libcrypto.so.0.9.8 and libssl.so.0.9.8 SONAME for ABI compat + +EAPI="5" + +inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal + +PLEVEL=$(echo "${PV##*_p}" | tr '[1-9]' '[a-i]') +MY_PV=${PV/_p*/${PLEVEL}} +MY_P=${PN}-${MY_PV} +S="${WORKDIR}/${MY_P}" +DESCRIPTION="Toolkit for SSL v2/v3 and TLS v1" +HOMEPAGE="http://www.openssl.org/" +SRC_URI="mirror://openssl/source/${MY_P}.tar.gz" + +LICENSE="openssl" +SLOT="0.9.8" +KEYWORDS="alpha amd64 arm ~hppa ia64 ~m68k ~mips ppc ppc64 s390 sh sparc x86 ~sparc-fbsd ~x86-fbsd" +IUSE="bindist gmp kerberos cpu_flags_x86_sse2 test zlib" +RESTRICT="!bindist? ( bindist )" + +RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[${MULTILIB_USEDEP}] ) + zlib? ( >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}] ) + kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) + abi_x86_32? ( + !<=app-emulation/emul-linux-x86-baselibs-20140508-r4 + !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] + ) + !=dev-libs/openssl-0.9.8*:0" +DEPEND="${RDEPEND} + sys-apps/diffutils + >=dev-lang/perl-5 + test? ( sys-devel/bc )" + +# Do not install any docs +DOCS=() + +src_prepare() { + epatch "${FILESDIR}"/${PN}-0.9.8e-bsd-sparc64.patch + epatch "${FILESDIR}"/${PN}-0.9.8h-ldflags.patch #181438 + epatch "${FILESDIR}"/${PN}-0.9.8m-binutils.patch #289130 + epatch "${FILESDIR}"/${PN}-0.9.8ze-CVE-2015-0286.patch #543552 + + # disable fips in the build + # make sure the man pages are suffixed #302165 + # don't bother building man pages if they're disabled + sed -i \ + -e '/DIRS/s: fips : :g' \ + -e '/^MANSUFFIX/s:=.*:=ssl:' \ + -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ + -e $(has noman FEATURES \ + && echo '/^install:/s:install_docs::' \ + || echo '/^MANDIR=/s:=.*:=/usr/share/man:') \ + Makefile{,.org} \ + || die + # show the actual commands in the log + sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared + # update the enginedir path. + # punt broken config we don't care about as it fails sanity check. + sed -i \ + -e '/^"debug-ben-debug-64"/d' \ + -e "/foo.*engines/s|/lib/engines|/$(get_libdir)/engines|" \ + Configure || die + + # since we're forcing $(CC) as makedep anyway, just fix + # the conditional as always-on + # helps clang (#417795), and versioned gcc (#499818) + sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die + + # quiet out unknown driver argument warnings since openssl + # doesn't have well-split CFLAGS and we're making it even worse + # and 'make depend' uses -Werror for added fun (#417795 again) + [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments + + # allow openssl to be cross-compiled + cp "${FILESDIR}"/gentoo.config-0.9.8 gentoo.config || die "cp cross-compile failed" + chmod a+rx gentoo.config + + append-flags -fno-strict-aliasing + append-flags -Wa,--noexecstack + + sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906 + sed -i '/^"debug-bodo/d' Configure # 0.9.8za shipped broken + ./config --test-sanity || die "I AM NOT SANE" + + multilib_copy_sources +} + +multilib_src_configure() { + unset APPS #197996 + unset SCRIPTS #312551 + + tc-export CC AR RANLIB + + # Clean out patent-or-otherwise-encumbered code + # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) + # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm + # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography + # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 + # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 + + use_ssl() { use $1 && echo "enable-${2:-$1} ${*:3}" || echo "no-${2:-$1}" ; } + echoit() { echo "$@" ; "$@" ; } + + local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") + + local sslout=$(./gentoo.config) + einfo "Use configuration ${sslout:-(openssl knows best)}" + local config="Configure" + [[ -z ${sslout} ]] && config="config" + + echoit \ + ./${config} \ + ${sslout} \ + $(use cpu_flags_x86_sse2 || echo "no-sse2") \ + enable-camellia \ + $(use_ssl !bindist ec) \ + enable-idea \ + enable-mdc2 \ + $(use_ssl !bindist rc5) \ + enable-tlsext \ + $(use_ssl gmp gmp -lgmp) \ + $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ + $(use_ssl zlib) \ + --prefix=/usr \ + --openssldir=/etc/ssl \ + shared threads \ + || die "Configure failed" + + # Clean out hardcoded flags that openssl uses + local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ + -e 's:^CFLAG=::' \ + -e 's:-fomit-frame-pointer ::g' \ + -e 's:-O[0-9] ::g' \ + -e 's:-march=[-a-z0-9]* ::g' \ + -e 's:-mcpu=[-a-z0-9]* ::g' \ + -e 's:-m[a-z0-9]* ::g' \ + ) + sed -i \ + -e "/^LIBDIR=/s|=.*|=$(get_libdir)|" \ + -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ + -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ + Makefile || die +} + +multilib_src_compile() { + # depend is needed to use $confopts + emake -j1 depend + emake -j1 build_libs +} + +multilib_src_test() { + emake -j1 test +} + +multilib_src_install() { + dolib.so lib{crypto,ssl}.so.0.9.8 +} diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8z_p6.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8z_p6.ebuild new file mode 100644 index 0000000000..36fc98c92a --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8z_p6.ebuild @@ -0,0 +1,160 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-0.9.8z_p6.ebuild,v 1.7 2015/05/27 14:11:05 zlogene Exp $ + +# this ebuild is only for the libcrypto.so.0.9.8 and libssl.so.0.9.8 SONAME for ABI compat + +EAPI="5" + +inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal + +PLEVEL=$(echo "${PV##*_p}" | tr '[1-9]' '[a-i]') +MY_PV=${PV/_p*/${PLEVEL}} +MY_P=${PN}-${MY_PV} +S="${WORKDIR}/${MY_P}" +DESCRIPTION="Toolkit for SSL v2/v3 and TLS v1" +HOMEPAGE="http://www.openssl.org/" +SRC_URI="mirror://openssl/source/${MY_P}.tar.gz" + +LICENSE="openssl" +SLOT="0.9.8" +KEYWORDS="alpha amd64 arm ~hppa ~ia64 ~m68k ~mips ppc ~ppc64 ~s390 ~sh ~sparc x86 ~sparc-fbsd ~x86-fbsd" +IUSE="bindist gmp kerberos cpu_flags_x86_sse2 test zlib" +RESTRICT="!bindist? ( bindist )" + +RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[${MULTILIB_USEDEP}] ) + zlib? ( >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}] ) + kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) + abi_x86_32? ( + !<=app-emulation/emul-linux-x86-baselibs-20140508-r4 + !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] + ) + !=dev-libs/openssl-0.9.8*:0" +DEPEND="${RDEPEND} + sys-apps/diffutils + >=dev-lang/perl-5 + test? ( sys-devel/bc )" + +# Do not install any docs +DOCS=() + +src_prepare() { + epatch "${FILESDIR}"/${PN}-0.9.8e-bsd-sparc64.patch + epatch "${FILESDIR}"/${PN}-0.9.8h-ldflags.patch #181438 + epatch "${FILESDIR}"/${PN}-0.9.8m-binutils.patch #289130 + + # disable fips in the build + # make sure the man pages are suffixed #302165 + # don't bother building man pages if they're disabled + sed -i \ + -e '/DIRS/s: fips : :g' \ + -e '/^MANSUFFIX/s:=.*:=ssl:' \ + -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ + -e $(has noman FEATURES \ + && echo '/^install:/s:install_docs::' \ + || echo '/^MANDIR=/s:=.*:=/usr/share/man:') \ + Makefile{,.org} \ + || die + # show the actual commands in the log + sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared + # update the enginedir path. + # punt broken config we don't care about as it fails sanity check. + sed -i \ + -e '/^"debug-ben-debug-64"/d' \ + -e "/foo.*engines/s|/lib/engines|/$(get_libdir)/engines|" \ + Configure || die + + # since we're forcing $(CC) as makedep anyway, just fix + # the conditional as always-on + # helps clang (#417795), and versioned gcc (#499818) + sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die + + # quiet out unknown driver argument warnings since openssl + # doesn't have well-split CFLAGS and we're making it even worse + # and 'make depend' uses -Werror for added fun (#417795 again) + [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments + + # allow openssl to be cross-compiled + cp "${FILESDIR}"/gentoo.config-0.9.8 gentoo.config || die "cp cross-compile failed" + chmod a+rx gentoo.config + + append-flags -fno-strict-aliasing + append-flags -Wa,--noexecstack + + sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906 + sed -i '/^"debug-bodo/d' Configure # 0.9.8za shipped broken + ./config --test-sanity || die "I AM NOT SANE" + + multilib_copy_sources +} + +multilib_src_configure() { + unset APPS #197996 + unset SCRIPTS #312551 + + tc-export CC AR RANLIB + + # Clean out patent-or-otherwise-encumbered code + # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) + # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm + # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography + # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 + # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 + + use_ssl() { use $1 && echo "enable-${2:-$1} ${*:3}" || echo "no-${2:-$1}" ; } + echoit() { echo "$@" ; "$@" ; } + + local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") + + local sslout=$(./gentoo.config) + einfo "Use configuration ${sslout:-(openssl knows best)}" + local config="Configure" + [[ -z ${sslout} ]] && config="config" + + echoit \ + ./${config} \ + ${sslout} \ + $(use cpu_flags_x86_sse2 || echo "no-sse2") \ + enable-camellia \ + $(use_ssl !bindist ec) \ + enable-idea \ + enable-mdc2 \ + $(use_ssl !bindist rc5) \ + enable-tlsext \ + $(use_ssl gmp gmp -lgmp) \ + $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ + $(use_ssl zlib) \ + --prefix=/usr \ + --openssldir=/etc/ssl \ + shared threads \ + || die "Configure failed" + + # Clean out hardcoded flags that openssl uses + local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ + -e 's:^CFLAG=::' \ + -e 's:-fomit-frame-pointer ::g' \ + -e 's:-O[0-9] ::g' \ + -e 's:-march=[-a-z0-9]* ::g' \ + -e 's:-mcpu=[-a-z0-9]* ::g' \ + -e 's:-m[a-z0-9]* ::g' \ + ) + sed -i \ + -e "/^LIBDIR=/s|=.*|=$(get_libdir)|" \ + -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ + -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ + Makefile || die +} + +multilib_src_compile() { + # depend is needed to use $confopts + emake -j1 depend + emake -j1 build_libs +} + +multilib_src_test() { + emake -j1 test +} + +multilib_src_install() { + dolib.so lib{crypto,ssl}.so.0.9.8 +} diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8z_p7.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8z_p7.ebuild index 817c1c870f..9e2e642eb2 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8z_p7.ebuild +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8z_p7.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2015 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Id$ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-0.9.8z_p7.ebuild,v 1.9 2015/06/21 16:31:05 zlogene Exp $ # this ebuild is only for the libcrypto.so.0.9.8 and libssl.so.0.9.8 SONAME for ABI compat @@ -31,11 +31,9 @@ RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[${MULTILIB_USEDEP}] ) ) !=dev-libs/openssl-0.9.8*:0" DEPEND="${RDEPEND} + sys-apps/diffutils >=dev-lang/perl-5 - test? ( - sys-apps/diffutils - sys-devel/bc - )" + test? ( sys-devel/bc )" # Do not install any docs DOCS=() diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.0r.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.0r.ebuild new file mode 100644 index 0000000000..c68cb7dedb --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.0r.ebuild @@ -0,0 +1,214 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.0r.ebuild,v 1.2 2015/03/19 23:07:42 ulm Exp $ + +EAPI="4" + +inherit eutils flag-o-matic toolchain-funcs multilib + +REV="1.7" +DESCRIPTION="full-strength general purpose cryptography library (including SSL v2/v3 and TLS v1)" +HOMEPAGE="http://www.openssl.org/" +SRC_URI="mirror://openssl/source/${P}.tar.gz + http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" + +LICENSE="openssl" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~sparc-fbsd ~x86-fbsd" +IUSE="bindist gmp kerberos rfc3779 cpu_flags_x86_sse2 static-libs test zlib" +RESTRICT="!bindist? ( bindist )" + +# Have the sub-libs in RDEPEND with [static-libs] since, logically, +# our libssl.a depends on libz.a/etc... at runtime. +LIB_DEPEND="gmp? ( dev-libs/gmp[static-libs(+)] ) + zlib? ( sys-libs/zlib[static-libs(+)] ) + kerberos? ( app-crypt/mit-krb5 )" +RDEPEND="static-libs? ( ${LIB_DEPEND} ) + !static-libs? ( ${LIB_DEPEND//\[static-libs(+)]} )" +DEPEND="${RDEPEND} + sys-apps/diffutils + >=dev-lang/perl-5 + test? ( sys-devel/bc )" +PDEPEND="app-misc/ca-certificates" + +src_unpack() { + unpack ${P}.tar.gz + SSL_CNF_DIR="/etc/ssl" + sed \ + -e "/^DIR=/s:=.*:=${SSL_CNF_DIR}:" \ + "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ + > "${WORKDIR}"/c_rehash || die #416717 +} + +src_prepare() { + # Make sure we only ever touch Makefile.org and avoid patching a file + # that gets blown away anyways by the Configure script in src_configure + rm -f Makefile + + epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 + #epatch "${FILESDIR}"/${PN}-1.0.0d-fbsd-amd64.patch #363089 + epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 + epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch + epatch "${FILESDIR}"/${PN}-1.0.0e-parallel-build.patch + epatch "${FILESDIR}"/${PN}-1.0.0r-x32.patch + epatch_user #332661 + + # disable fips in the build + # make sure the man pages are suffixed #302165 + # don't bother building man pages if they're disabled + sed -i \ + -e '/DIRS/s: fips : :g' \ + -e '/^MANSUFFIX/s:=.*:=ssl:' \ + -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ + -e $(has noman FEATURES \ + && echo '/^install:/s:install_docs::' \ + || echo '/^MANDIR=/s:=.*:=/usr/share/man:') \ + Makefile.org \ + || die + # show the actual commands in the log + sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared + + # allow openssl to be cross-compiled + cp "${FILESDIR}"/gentoo.config-1.0.0 gentoo.config || die + chmod a+rx gentoo.config + + append-flags -fno-strict-aliasing + append-flags $(test-flags-CC -Wa,--noexecstack) + + sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906 + ./config --test-sanity || die "I AM NOT SANE" +} + +src_configure() { + unset APPS #197996 + unset SCRIPTS #312551 + unset CROSS_COMPILE #311473 + + tc-export CC AR RANLIB RC + + # Clean out patent-or-otherwise-encumbered code + # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) + # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm + # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography + # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 + # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 + + use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } + echoit() { echo "$@" ; "$@" ; } + + local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") + + local sslout=$(./gentoo.config) + einfo "Use configuration ${sslout:-(openssl knows best)}" + local config="Configure" + [[ -z ${sslout} ]] && config="config" + echoit \ + ./${config} \ + ${sslout} \ + $(use cpu_flags_x86_sse2 || echo "no-sse2") \ + enable-camellia \ + $(use_ssl !bindist ec) \ + enable-idea \ + enable-mdc2 \ + $(use_ssl !bindist rc5) \ + enable-tlsext \ + $(use_ssl gmp gmp -lgmp) \ + $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ + $(use_ssl rfc3779) \ + $(use_ssl zlib) \ + --prefix=/usr \ + --openssldir=${SSL_CNF_DIR} \ + --libdir=$(get_libdir) \ + shared threads \ + || die + + # Clean out hardcoded flags that openssl uses + local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ + -e 's:^CFLAG=::' \ + -e 's:-fomit-frame-pointer ::g' \ + -e 's:-O[0-9] ::g' \ + -e 's:-march=[-a-z0-9]* ::g' \ + -e 's:-mcpu=[-a-z0-9]* ::g' \ + -e 's:-m[a-z0-9]* ::g' \ + ) + sed -i \ + -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ + -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ + Makefile || die +} + +src_compile() { + # depend is needed to use $confopts; it also doesn't matter + # that it's -j1 as the code itself serializes subdirs + emake -j1 depend || die + emake all || die + # rehash is needed to prep the certs/ dir; do this + # separately to avoid parallel build issues. + emake rehash || die +} + +src_test() { + emake -j1 test || die +} + +src_install() { + emake INSTALL_PREFIX="${D}" install || die + dobin "${WORKDIR}"/c_rehash || die #333117 + dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el + dohtml -r doc/* + use rfc3779 && dodoc engines/ccgost/README.gost + + # This is crappy in that the static archives are still built even + # when USE=static-libs. But this is due to a failing in the openssl + # build system: the static archives are built as PIC all the time. + # Only way around this would be to manually configure+compile openssl + # twice; once with shared lib support enabled and once without. + use static-libs || rm -f "${D}"/usr/lib*/lib*.a + + # create the certs directory + dodir ${SSL_CNF_DIR}/certs + cp -RP certs/* "${D}"${SSL_CNF_DIR}/certs/ || die + rm -r "${D}"${SSL_CNF_DIR}/certs/{demo,expired} + + # Namespace openssl programs to prevent conflicts with other man pages + cd "${D}"/usr/share/man + local m d s + for m in $(find . -type f | xargs grep -L '#include') ; do + d=${m%/*} ; d=${d#./} ; m=${m##*/} + [[ ${m} == openssl.1* ]] && continue + [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" + mv ${d}/{,ssl-}${m} + # fix up references to renamed man pages + sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} + ln -s ssl-${m} ${d}/openssl-${m} + # locate any symlinks that point to this man page ... we assume + # that any broken links are due to the above renaming + for s in $(find -L ${d} -type l) ; do + s=${s##*/} + rm -f ${d}/${s} + ln -s ssl-${m} ${d}/ssl-${s} + ln -s ssl-${s} ${d}/openssl-${s} + done + done + [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" + + dodir /etc/sandbox.d #254521 + echo 'SANDBOX_PREDICT="/dev/crypto"' > "${D}"/etc/sandbox.d/10openssl + + diropts -m0700 + keepdir ${SSL_CNF_DIR}/private +} + +pkg_preinst() { + has_version ${CATEGORY}/${PN}:0.9.8 && return 0 + preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 +} + +pkg_postinst() { + ebegin "Running 'c_rehash ${ROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" + c_rehash "${ROOT%/}${SSL_CNF_DIR}/certs" >/dev/null + eend $? + + has_version ${CATEGORY}/${PN}:0.9.8 && return 0 + preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 +} diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1l-r1.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1l-r1.ebuild new file mode 100644 index 0000000000..1ee5da330c --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1l-r1.ebuild @@ -0,0 +1,260 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1l-r1.ebuild,v 1.5 2015/03/19 18:03:39 vapier Exp $ + +EAPI="4" + +inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal + +REV="1.7" +DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" +HOMEPAGE="http://www.openssl.org/" +SRC_URI="mirror://openssl/source/${P}.tar.gz + http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" + +LICENSE="openssl" +SLOT="0" +KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" +IUSE="bindist gmp kerberos rfc3779 cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" +RESTRICT="!bindist? ( bindist )" + +# The blocks are temporary just to make sure people upgrade to a +# version that lack runtime version checking. We'll drop them in +# the future. +RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) + zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) + kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) + abi_x86_32? ( + !<=app-emulation/emul-linux-x86-baselibs-20140406-r3 + !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] + ) + ! "${WORKDIR}"/c_rehash || die #416717 +} + +MULTILIB_WRAPPED_HEADERS=( + usr/include/openssl/opensslconf.h +) + +src_prepare() { + # Make sure we only ever touch Makefile.org and avoid patching a file + # that gets blown away anyways by the Configure script in src_configure + rm -f Makefile + + if ! use vanilla ; then + epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 + epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 + epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch + epatch "${FILESDIR}"/${PN}-1.0.1-parallel-build.patch + epatch "${FILESDIR}"/${PN}-1.0.1-x32.patch + epatch "${FILESDIR}"/${PN}-1.0.1h-ipv6.patch + epatch "${FILESDIR}"/${PN}-1.0.1e-s_client-verify.patch #472584 + epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086 + epatch "${FILESDIR}"/${PN}-1.0.1l-CVE-2015-0286.patch #543552 + epatch_user #332661 + fi + + # disable fips in the build + # make sure the man pages are suffixed #302165 + # don't bother building man pages if they're disabled + sed -i \ + -e '/DIRS/s: fips : :g' \ + -e '/^MANSUFFIX/s:=.*:=ssl:' \ + -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ + -e $(has noman FEATURES \ + && echo '/^install:/s:install_docs::' \ + || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ + Makefile.org \ + || die + # show the actual commands in the log + sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared + + # since we're forcing $(CC) as makedep anyway, just fix + # the conditional as always-on + # helps clang (#417795), and versioned gcc (#499818) + sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die + + # quiet out unknown driver argument warnings since openssl + # doesn't have well-split CFLAGS and we're making it even worse + # and 'make depend' uses -Werror for added fun (#417795 again) + [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments + + # allow openssl to be cross-compiled + cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die + chmod a+rx gentoo.config + + append-flags -fno-strict-aliasing + append-flags $(test-flags-CC -Wa,--noexecstack) + + sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906 + # The config script does stupid stuff to prompt the user. Kill it. + sed -i '/stty -icanon min 0 time 50; read waste/d' config || die + ./config --test-sanity || die "I AM NOT SANE" + + multilib_copy_sources +} + +multilib_src_configure() { + unset APPS #197996 + unset SCRIPTS #312551 + unset CROSS_COMPILE #311473 + + tc-export CC AR RANLIB RC + + # Clean out patent-or-otherwise-encumbered code + # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) + # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm + # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography + # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 + # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 + + use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } + echoit() { echo "$@" ; "$@" ; } + + local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") + + # See if our toolchain supports __uint128_t. If so, it's 64bit + # friendly and can use the nicely optimized code paths. #460790 + local ec_nistp_64_gcc_128 + # Disable it for now though #469976 + #if ! use bindist ; then + # echo "__uint128_t i;" > "${T}"/128.c + # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then + # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" + # fi + #fi + + local sslout=$(./gentoo.config) + einfo "Use configuration ${sslout:-(openssl knows best)}" + local config="Configure" + [[ -z ${sslout} ]] && config="config" + + echoit \ + ./${config} \ + ${sslout} \ + $(use cpu_flags_x86_sse2 || echo "no-sse2") \ + enable-camellia \ + $(use_ssl !bindist ec) \ + ${ec_nistp_64_gcc_128} \ + enable-idea \ + enable-mdc2 \ + $(use_ssl !bindist rc5) \ + enable-tlsext \ + $(use_ssl gmp gmp -lgmp) \ + $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ + $(use_ssl rfc3779) \ + $(use_ssl tls-heartbeat heartbeats) \ + $(use_ssl zlib) \ + --prefix="${EPREFIX}"/usr \ + --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ + --libdir=$(get_libdir) \ + shared threads \ + || die + + # Clean out hardcoded flags that openssl uses + local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ + -e 's:^CFLAG=::' \ + -e 's:-fomit-frame-pointer ::g' \ + -e 's:-O[0-9] ::g' \ + -e 's:-march=[-a-z0-9]* ::g' \ + -e 's:-mcpu=[-a-z0-9]* ::g' \ + -e 's:-m[a-z0-9]* ::g' \ + ) + sed -i \ + -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ + -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ + Makefile || die +} + +multilib_src_compile() { + # depend is needed to use $confopts; it also doesn't matter + # that it's -j1 as the code itself serializes subdirs + emake -j1 depend + emake all + # rehash is needed to prep the certs/ dir; do this + # separately to avoid parallel build issues. + emake rehash +} + +multilib_src_test() { + emake -j1 test +} + +multilib_src_install() { + emake INSTALL_PREFIX="${D}" install +} + +multilib_src_install_all() { + dobin "${WORKDIR}"/c_rehash #333117 + dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el + dohtml -r doc/* + use rfc3779 && dodoc engines/ccgost/README.gost + + # This is crappy in that the static archives are still built even + # when USE=static-libs. But this is due to a failing in the openssl + # build system: the static archives are built as PIC all the time. + # Only way around this would be to manually configure+compile openssl + # twice; once with shared lib support enabled and once without. + use static-libs || rm -f "${ED}"/usr/lib*/lib*.a + + # create the certs directory + dodir ${SSL_CNF_DIR}/certs + cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die + rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} + + # Namespace openssl programs to prevent conflicts with other man pages + cd "${ED}"/usr/share/man + local m d s + for m in $(find . -type f | xargs grep -L '#include') ; do + d=${m%/*} ; d=${d#./} ; m=${m##*/} + [[ ${m} == openssl.1* ]] && continue + [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" + mv ${d}/{,ssl-}${m} + # fix up references to renamed man pages + sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} + ln -s ssl-${m} ${d}/openssl-${m} + # locate any symlinks that point to this man page ... we assume + # that any broken links are due to the above renaming + for s in $(find -L ${d} -type l) ; do + s=${s##*/} + rm -f ${d}/${s} + ln -s ssl-${m} ${d}/ssl-${s} + ln -s ssl-${s} ${d}/openssl-${s} + done + done + [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" + + dodir /etc/sandbox.d #254521 + echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl + + diropts -m0700 + keepdir ${SSL_CNF_DIR}/private +} + +pkg_preinst() { + has_version ${CATEGORY}/${PN}:0.9.8 && return 0 + preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 +} + +pkg_postinst() { + ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" + c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null + eend $? + + has_version ${CATEGORY}/${PN}:0.9.8 && return 0 + preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 +} diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1m.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1m.ebuild new file mode 100644 index 0000000000..e49ef3ef9e --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1m.ebuild @@ -0,0 +1,259 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1m.ebuild,v 1.10 2015/05/27 14:11:05 zlogene Exp $ + +EAPI="4" + +inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal + +REV="1.7" +DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" +HOMEPAGE="http://www.openssl.org/" +SRC_URI="mirror://openssl/source/${P}.tar.gz + http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" + +LICENSE="openssl" +SLOT="0" +KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh ~sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" +IUSE="bindist gmp kerberos rfc3779 cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" +RESTRICT="!bindist? ( bindist )" + +# The blocks are temporary just to make sure people upgrade to a +# version that lack runtime version checking. We'll drop them in +# the future. +RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) + zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) + kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) + abi_x86_32? ( + !<=app-emulation/emul-linux-x86-baselibs-20140406-r3 + !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] + ) + ! "${WORKDIR}"/c_rehash || die #416717 +} + +MULTILIB_WRAPPED_HEADERS=( + usr/include/openssl/opensslconf.h +) + +src_prepare() { + # Make sure we only ever touch Makefile.org and avoid patching a file + # that gets blown away anyways by the Configure script in src_configure + rm -f Makefile + + if ! use vanilla ; then + epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 + epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 + epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch + epatch "${FILESDIR}"/${PN}-1.0.1m-parallel-build.patch + epatch "${FILESDIR}"/${PN}-1.0.1m-x32.patch + epatch "${FILESDIR}"/${PN}-1.0.1m-ipv6.patch + epatch "${FILESDIR}"/${PN}-1.0.1m-s_client-verify.patch #472584 + epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086 + epatch_user #332661 + fi + + # disable fips in the build + # make sure the man pages are suffixed #302165 + # don't bother building man pages if they're disabled + sed -i \ + -e '/DIRS/s: fips : :g' \ + -e '/^MANSUFFIX/s:=.*:=ssl:' \ + -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ + -e $(has noman FEATURES \ + && echo '/^install:/s:install_docs::' \ + || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ + Makefile.org \ + || die + # show the actual commands in the log + sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared + + # since we're forcing $(CC) as makedep anyway, just fix + # the conditional as always-on + # helps clang (#417795), and versioned gcc (#499818) + sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die + + # quiet out unknown driver argument warnings since openssl + # doesn't have well-split CFLAGS and we're making it even worse + # and 'make depend' uses -Werror for added fun (#417795 again) + [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments + + # allow openssl to be cross-compiled + cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die + chmod a+rx gentoo.config + + append-flags -fno-strict-aliasing + append-flags $(test-flags-CC -Wa,--noexecstack) + + sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906 + # The config script does stupid stuff to prompt the user. Kill it. + sed -i '/stty -icanon min 0 time 50; read waste/d' config || die + ./config --test-sanity || die "I AM NOT SANE" + + multilib_copy_sources +} + +multilib_src_configure() { + unset APPS #197996 + unset SCRIPTS #312551 + unset CROSS_COMPILE #311473 + + tc-export CC AR RANLIB RC + + # Clean out patent-or-otherwise-encumbered code + # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) + # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm + # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography + # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 + # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 + + use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } + echoit() { echo "$@" ; "$@" ; } + + local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") + + # See if our toolchain supports __uint128_t. If so, it's 64bit + # friendly and can use the nicely optimized code paths. #460790 + local ec_nistp_64_gcc_128 + # Disable it for now though #469976 + #if ! use bindist ; then + # echo "__uint128_t i;" > "${T}"/128.c + # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then + # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" + # fi + #fi + + local sslout=$(./gentoo.config) + einfo "Use configuration ${sslout:-(openssl knows best)}" + local config="Configure" + [[ -z ${sslout} ]] && config="config" + + echoit \ + ./${config} \ + ${sslout} \ + $(use cpu_flags_x86_sse2 || echo "no-sse2") \ + enable-camellia \ + $(use_ssl !bindist ec) \ + ${ec_nistp_64_gcc_128} \ + enable-idea \ + enable-mdc2 \ + $(use_ssl !bindist rc5) \ + enable-tlsext \ + $(use_ssl gmp gmp -lgmp) \ + $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ + $(use_ssl rfc3779) \ + $(use_ssl tls-heartbeat heartbeats) \ + $(use_ssl zlib) \ + --prefix="${EPREFIX}"/usr \ + --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ + --libdir=$(get_libdir) \ + shared threads \ + || die + + # Clean out hardcoded flags that openssl uses + local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ + -e 's:^CFLAG=::' \ + -e 's:-fomit-frame-pointer ::g' \ + -e 's:-O[0-9] ::g' \ + -e 's:-march=[-a-z0-9]* ::g' \ + -e 's:-mcpu=[-a-z0-9]* ::g' \ + -e 's:-m[a-z0-9]* ::g' \ + ) + sed -i \ + -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ + -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ + Makefile || die +} + +multilib_src_compile() { + # depend is needed to use $confopts; it also doesn't matter + # that it's -j1 as the code itself serializes subdirs + emake -j1 depend + emake all + # rehash is needed to prep the certs/ dir; do this + # separately to avoid parallel build issues. + emake rehash +} + +multilib_src_test() { + emake -j1 test +} + +multilib_src_install() { + emake INSTALL_PREFIX="${D}" install +} + +multilib_src_install_all() { + dobin "${WORKDIR}"/c_rehash #333117 + dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el + dohtml -r doc/* + use rfc3779 && dodoc engines/ccgost/README.gost + + # This is crappy in that the static archives are still built even + # when USE=static-libs. But this is due to a failing in the openssl + # build system: the static archives are built as PIC all the time. + # Only way around this would be to manually configure+compile openssl + # twice; once with shared lib support enabled and once without. + use static-libs || rm -f "${ED}"/usr/lib*/lib*.a + + # create the certs directory + dodir ${SSL_CNF_DIR}/certs + cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die + rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} + + # Namespace openssl programs to prevent conflicts with other man pages + cd "${ED}"/usr/share/man + local m d s + for m in $(find . -type f | xargs grep -L '#include') ; do + d=${m%/*} ; d=${d#./} ; m=${m##*/} + [[ ${m} == openssl.1* ]] && continue + [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" + mv ${d}/{,ssl-}${m} + # fix up references to renamed man pages + sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} + ln -s ssl-${m} ${d}/openssl-${m} + # locate any symlinks that point to this man page ... we assume + # that any broken links are due to the above renaming + for s in $(find -L ${d} -type l) ; do + s=${s##*/} + rm -f ${d}/${s} + ln -s ssl-${m} ${d}/ssl-${s} + ln -s ssl-${s} ${d}/openssl-${s} + done + done + [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" + + dodir /etc/sandbox.d #254521 + echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl + + diropts -m0700 + keepdir ${SSL_CNF_DIR}/private +} + +pkg_preinst() { + has_version ${CATEGORY}/${PN}:0.9.8 && return 0 + preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 +} + +pkg_postinst() { + ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" + c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null + eend $? + + has_version ${CATEGORY}/${PN}:0.9.8 && return 0 + preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 +} diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1n.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1n.ebuild new file mode 100644 index 0000000000..58e2506791 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1n.ebuild @@ -0,0 +1,258 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1n.ebuild,v 1.1 2015/06/11 15:57:04 vapier Exp $ + +EAPI="4" + +inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal + +REV="1.7" +DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" +HOMEPAGE="http://www.openssl.org/" +SRC_URI="mirror://openssl/source/${P}.tar.gz + http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" + +LICENSE="openssl" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" +IUSE="bindist gmp kerberos rfc3779 cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" +RESTRICT="!bindist? ( bindist )" + +# The blocks are temporary just to make sure people upgrade to a +# version that lack runtime version checking. We'll drop them in +# the future. +RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) + zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) + kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) + abi_x86_32? ( + !<=app-emulation/emul-linux-x86-baselibs-20140406-r3 + !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] + ) + ! "${WORKDIR}"/c_rehash || die #416717 +} + +MULTILIB_WRAPPED_HEADERS=( + usr/include/openssl/opensslconf.h +) + +src_prepare() { + # Make sure we only ever touch Makefile.org and avoid patching a file + # that gets blown away anyways by the Configure script in src_configure + rm -f Makefile + + if ! use vanilla ; then + epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 + epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 + epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch + epatch "${FILESDIR}"/${PN}-1.0.1m-parallel-build.patch + epatch "${FILESDIR}"/${PN}-1.0.1m-x32.patch + epatch "${FILESDIR}"/${PN}-1.0.1m-ipv6.patch + epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086 + epatch_user #332661 + fi + + # disable fips in the build + # make sure the man pages are suffixed #302165 + # don't bother building man pages if they're disabled + sed -i \ + -e '/DIRS/s: fips : :g' \ + -e '/^MANSUFFIX/s:=.*:=ssl:' \ + -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ + -e $(has noman FEATURES \ + && echo '/^install:/s:install_docs::' \ + || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ + Makefile.org \ + || die + # show the actual commands in the log + sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared + + # since we're forcing $(CC) as makedep anyway, just fix + # the conditional as always-on + # helps clang (#417795), and versioned gcc (#499818) + sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die + + # quiet out unknown driver argument warnings since openssl + # doesn't have well-split CFLAGS and we're making it even worse + # and 'make depend' uses -Werror for added fun (#417795 again) + [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments + + # allow openssl to be cross-compiled + cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die + chmod a+rx gentoo.config + + append-flags -fno-strict-aliasing + append-flags $(test-flags-CC -Wa,--noexecstack) + + sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906 + # The config script does stupid stuff to prompt the user. Kill it. + sed -i '/stty -icanon min 0 time 50; read waste/d' config || die + ./config --test-sanity || die "I AM NOT SANE" + + multilib_copy_sources +} + +multilib_src_configure() { + unset APPS #197996 + unset SCRIPTS #312551 + unset CROSS_COMPILE #311473 + + tc-export CC AR RANLIB RC + + # Clean out patent-or-otherwise-encumbered code + # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) + # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm + # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography + # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 + # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 + + use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } + echoit() { echo "$@" ; "$@" ; } + + local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") + + # See if our toolchain supports __uint128_t. If so, it's 64bit + # friendly and can use the nicely optimized code paths. #460790 + local ec_nistp_64_gcc_128 + # Disable it for now though #469976 + #if ! use bindist ; then + # echo "__uint128_t i;" > "${T}"/128.c + # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then + # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" + # fi + #fi + + local sslout=$(./gentoo.config) + einfo "Use configuration ${sslout:-(openssl knows best)}" + local config="Configure" + [[ -z ${sslout} ]] && config="config" + + echoit \ + ./${config} \ + ${sslout} \ + $(use cpu_flags_x86_sse2 || echo "no-sse2") \ + enable-camellia \ + $(use_ssl !bindist ec) \ + ${ec_nistp_64_gcc_128} \ + enable-idea \ + enable-mdc2 \ + $(use_ssl !bindist rc5) \ + enable-tlsext \ + $(use_ssl gmp gmp -lgmp) \ + $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ + $(use_ssl rfc3779) \ + $(use_ssl tls-heartbeat heartbeats) \ + $(use_ssl zlib) \ + --prefix="${EPREFIX}"/usr \ + --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ + --libdir=$(get_libdir) \ + shared threads \ + || die + + # Clean out hardcoded flags that openssl uses + local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ + -e 's:^CFLAG=::' \ + -e 's:-fomit-frame-pointer ::g' \ + -e 's:-O[0-9] ::g' \ + -e 's:-march=[-a-z0-9]* ::g' \ + -e 's:-mcpu=[-a-z0-9]* ::g' \ + -e 's:-m[a-z0-9]* ::g' \ + ) + sed -i \ + -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ + -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ + Makefile || die +} + +multilib_src_compile() { + # depend is needed to use $confopts; it also doesn't matter + # that it's -j1 as the code itself serializes subdirs + emake -j1 depend + emake all + # rehash is needed to prep the certs/ dir; do this + # separately to avoid parallel build issues. + emake rehash +} + +multilib_src_test() { + emake -j1 test +} + +multilib_src_install() { + emake INSTALL_PREFIX="${D}" install +} + +multilib_src_install_all() { + dobin "${WORKDIR}"/c_rehash #333117 + dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el + dohtml -r doc/* + use rfc3779 && dodoc engines/ccgost/README.gost + + # This is crappy in that the static archives are still built even + # when USE=static-libs. But this is due to a failing in the openssl + # build system: the static archives are built as PIC all the time. + # Only way around this would be to manually configure+compile openssl + # twice; once with shared lib support enabled and once without. + use static-libs || rm -f "${ED}"/usr/lib*/lib*.a + + # create the certs directory + dodir ${SSL_CNF_DIR}/certs + cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die + rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} + + # Namespace openssl programs to prevent conflicts with other man pages + cd "${ED}"/usr/share/man + local m d s + for m in $(find . -type f | xargs grep -L '#include') ; do + d=${m%/*} ; d=${d#./} ; m=${m##*/} + [[ ${m} == openssl.1* ]] && continue + [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" + mv ${d}/{,ssl-}${m} + # fix up references to renamed man pages + sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} + ln -s ssl-${m} ${d}/openssl-${m} + # locate any symlinks that point to this man page ... we assume + # that any broken links are due to the above renaming + for s in $(find -L ${d} -type l) ; do + s=${s##*/} + rm -f ${d}/${s} + ln -s ssl-${m} ${d}/ssl-${s} + ln -s ssl-${s} ${d}/openssl-${s} + done + done + [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" + + dodir /etc/sandbox.d #254521 + echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl + + diropts -m0700 + keepdir ${SSL_CNF_DIR}/private +} + +pkg_preinst() { + has_version ${CATEGORY}/${PN}:0.9.8 && return 0 + preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 +} + +pkg_postinst() { + ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" + c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null + eend $? + + has_version ${CATEGORY}/${PN}:0.9.8 && return 0 + preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 +} diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1o.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1o.ebuild new file mode 100644 index 0000000000..7ccfc601ba --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1o.ebuild @@ -0,0 +1,258 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1o.ebuild,v 1.10 2015/06/21 16:31:05 zlogene Exp $ + +EAPI="4" + +inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal + +REV="1.7" +DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" +HOMEPAGE="http://www.openssl.org/" +SRC_URI="mirror://openssl/source/${P}.tar.gz + http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" + +LICENSE="openssl" +SLOT="0" +KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" +IUSE="bindist gmp kerberos rfc3779 cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" +RESTRICT="!bindist? ( bindist )" + +# The blocks are temporary just to make sure people upgrade to a +# version that lack runtime version checking. We'll drop them in +# the future. +RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) + zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) + kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) + abi_x86_32? ( + !<=app-emulation/emul-linux-x86-baselibs-20140406-r3 + !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] + ) + ! "${WORKDIR}"/c_rehash || die #416717 +} + +MULTILIB_WRAPPED_HEADERS=( + usr/include/openssl/opensslconf.h +) + +src_prepare() { + # Make sure we only ever touch Makefile.org and avoid patching a file + # that gets blown away anyways by the Configure script in src_configure + rm -f Makefile + + if ! use vanilla ; then + epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 + epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 + epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch + epatch "${FILESDIR}"/${PN}-1.0.1m-parallel-build.patch + epatch "${FILESDIR}"/${PN}-1.0.1m-x32.patch + epatch "${FILESDIR}"/${PN}-1.0.1m-ipv6.patch + epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086 + epatch_user #332661 + fi + + # disable fips in the build + # make sure the man pages are suffixed #302165 + # don't bother building man pages if they're disabled + sed -i \ + -e '/DIRS/s: fips : :g' \ + -e '/^MANSUFFIX/s:=.*:=ssl:' \ + -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ + -e $(has noman FEATURES \ + && echo '/^install:/s:install_docs::' \ + || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ + Makefile.org \ + || die + # show the actual commands in the log + sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared + + # since we're forcing $(CC) as makedep anyway, just fix + # the conditional as always-on + # helps clang (#417795), and versioned gcc (#499818) + sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die + + # quiet out unknown driver argument warnings since openssl + # doesn't have well-split CFLAGS and we're making it even worse + # and 'make depend' uses -Werror for added fun (#417795 again) + [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments + + # allow openssl to be cross-compiled + cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die + chmod a+rx gentoo.config + + append-flags -fno-strict-aliasing + append-flags $(test-flags-CC -Wa,--noexecstack) + + sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906 + # The config script does stupid stuff to prompt the user. Kill it. + sed -i '/stty -icanon min 0 time 50; read waste/d' config || die + ./config --test-sanity || die "I AM NOT SANE" + + multilib_copy_sources +} + +multilib_src_configure() { + unset APPS #197996 + unset SCRIPTS #312551 + unset CROSS_COMPILE #311473 + + tc-export CC AR RANLIB RC + + # Clean out patent-or-otherwise-encumbered code + # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) + # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm + # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography + # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 + # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 + + use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } + echoit() { echo "$@" ; "$@" ; } + + local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") + + # See if our toolchain supports __uint128_t. If so, it's 64bit + # friendly and can use the nicely optimized code paths. #460790 + local ec_nistp_64_gcc_128 + # Disable it for now though #469976 + #if ! use bindist ; then + # echo "__uint128_t i;" > "${T}"/128.c + # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then + # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" + # fi + #fi + + local sslout=$(./gentoo.config) + einfo "Use configuration ${sslout:-(openssl knows best)}" + local config="Configure" + [[ -z ${sslout} ]] && config="config" + + echoit \ + ./${config} \ + ${sslout} \ + $(use cpu_flags_x86_sse2 || echo "no-sse2") \ + enable-camellia \ + $(use_ssl !bindist ec) \ + ${ec_nistp_64_gcc_128} \ + enable-idea \ + enable-mdc2 \ + $(use_ssl !bindist rc5) \ + enable-tlsext \ + $(use_ssl gmp gmp -lgmp) \ + $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ + $(use_ssl rfc3779) \ + $(use_ssl tls-heartbeat heartbeats) \ + $(use_ssl zlib) \ + --prefix="${EPREFIX}"/usr \ + --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ + --libdir=$(get_libdir) \ + shared threads \ + || die + + # Clean out hardcoded flags that openssl uses + local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ + -e 's:^CFLAG=::' \ + -e 's:-fomit-frame-pointer ::g' \ + -e 's:-O[0-9] ::g' \ + -e 's:-march=[-a-z0-9]* ::g' \ + -e 's:-mcpu=[-a-z0-9]* ::g' \ + -e 's:-m[a-z0-9]* ::g' \ + ) + sed -i \ + -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ + -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ + Makefile || die +} + +multilib_src_compile() { + # depend is needed to use $confopts; it also doesn't matter + # that it's -j1 as the code itself serializes subdirs + emake -j1 depend + emake all + # rehash is needed to prep the certs/ dir; do this + # separately to avoid parallel build issues. + emake rehash +} + +multilib_src_test() { + emake -j1 test +} + +multilib_src_install() { + emake INSTALL_PREFIX="${D}" install +} + +multilib_src_install_all() { + dobin "${WORKDIR}"/c_rehash #333117 + dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el + dohtml -r doc/* + use rfc3779 && dodoc engines/ccgost/README.gost + + # This is crappy in that the static archives are still built even + # when USE=static-libs. But this is due to a failing in the openssl + # build system: the static archives are built as PIC all the time. + # Only way around this would be to manually configure+compile openssl + # twice; once with shared lib support enabled and once without. + use static-libs || rm -f "${ED}"/usr/lib*/lib*.a + + # create the certs directory + dodir ${SSL_CNF_DIR}/certs + cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die + rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} + + # Namespace openssl programs to prevent conflicts with other man pages + cd "${ED}"/usr/share/man + local m d s + for m in $(find . -type f | xargs grep -L '#include') ; do + d=${m%/*} ; d=${d#./} ; m=${m##*/} + [[ ${m} == openssl.1* ]] && continue + [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" + mv ${d}/{,ssl-}${m} + # fix up references to renamed man pages + sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} + ln -s ssl-${m} ${d}/openssl-${m} + # locate any symlinks that point to this man page ... we assume + # that any broken links are due to the above renaming + for s in $(find -L ${d} -type l) ; do + s=${s##*/} + rm -f ${d}/${s} + ln -s ssl-${m} ${d}/ssl-${s} + ln -s ssl-${s} ${d}/openssl-${s} + done + done + [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" + + dodir /etc/sandbox.d #254521 + echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl + + diropts -m0700 + keepdir ${SSL_CNF_DIR}/private +} + +pkg_preinst() { + has_version ${CATEGORY}/${PN}:0.9.8 && return 0 + preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 +} + +pkg_postinst() { + ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" + c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null + eend $? + + has_version ${CATEGORY}/${PN}:0.9.8 && return 0 + preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 +} diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1p.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1p.ebuild index 40a538fe2c..3e50fcab35 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1p.ebuild +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1p.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2015 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Id$ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1p.ebuild,v 1.3 2015/07/09 15:04:23 ago Exp $ EAPI="4" @@ -14,7 +14,7 @@ SRC_URI="mirror://openssl/source/${P}.tar.gz LICENSE="openssl" SLOT="0" -KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" +KEYWORDS="~alpha amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" IUSE="bindist gmp kerberos rfc3779 cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" RESTRICT="!bindist? ( bindist )" @@ -63,7 +63,6 @@ src_prepare() { epatch "${FILESDIR}"/${PN}-1.0.1m-x32.patch epatch "${FILESDIR}"/${PN}-1.0.1m-ipv6.patch epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086 - epatch "${FILESDIR}"/${PN}-1.0.1p-default-source.patch #554338 epatch_user #332661 fi diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.2d-r2.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.2-r3.ebuild similarity index 87% rename from sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.2d-r2.ebuild rename to sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.2-r3.ebuild index e45dd2463b..d1e28ae80a 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.2d-r2.ebuild +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.2-r3.ebuild @@ -1,27 +1,28 @@ # Copyright 1999-2015 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Id$ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.2-r3.ebuild,v 1.3 2015/03/19 21:14:17 vapier Exp $ EAPI="4" inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal +REV="1.7" MY_P=${P/_/-} DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${MY_P}.tar.gz" +SRC_URI="mirror://openssl/source/${MY_P}.tar.gz + http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" LICENSE="openssl" SLOT="0" KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -IUSE="+asm bindist gmp kerberos rfc3779 sctp cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" +IUSE="bindist gmp kerberos rfc3779 sctp cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" RESTRICT="!bindist? ( bindist )" # The blocks are temporary just to make sure people upgrade to a # version that lack runtime version checking. We'll drop them in # the future. -RDEPEND=">=app-misc/c_rehash-1.7-r1 - gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) +RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) abi_x86_32? ( @@ -31,12 +32,10 @@ RDEPEND=">=app-misc/c_rehash-1.7-r1 ! "${WORKDIR}"/c_rehash || die #416717 # Make sure we only ever touch Makefile.org and avoid patching a file # that gets blown away anyways by the Configure script in src_configure rm -f Makefile + epatch "${FILESDIR}"/${P}-CVE-2015-0209.patch #541502 + epatch "${FILESDIR}"/${P}-CVE-2015-0288.patch #542038 if ! use vanilla ; then epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 - epatch "${FILESDIR}"/${PN}-1.0.2d-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-obj-headers.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-install-dirs.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-symlinking.patch #545028 + epatch "${FILESDIR}"/${PN}-1.0.2-parallel-build.patch epatch "${FILESDIR}"/${PN}-1.0.2-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-x32-asm.patch #542618 - epatch "${FILESDIR}"/${PN}-1.0.1p-default-source.patch #554338 + epatch "${FILESDIR}"/${PN}-1.0.2-s_client-verify.patch #472584 + epatch "${FILESDIR}"/${PN}-1.0.2-CVE-2015-0291.patch epatch_user #332661 fi @@ -93,7 +95,7 @@ src_prepare() { [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.2 gentoo.config || die + cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die chmod a+rx gentoo.config append-flags -fno-strict-aliasing @@ -146,6 +148,7 @@ multilib_src_configure() { echoit \ ./${config} \ ${sslout} \ + $(use sctp && echo "sctp") \ $(use cpu_flags_x86_sse2 || echo "no-sse2") \ enable-camellia \ $(use_ssl !bindist ec) \ @@ -154,11 +157,9 @@ multilib_src_configure() { enable-mdc2 \ enable-rc5 \ enable-tlsext \ - $(use_ssl asm) \ $(use_ssl gmp gmp -lgmp) \ $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ $(use_ssl rfc3779) \ - $(use_ssl sctp) \ $(use_ssl tls-heartbeat heartbeats) \ $(use_ssl zlib) \ --prefix="${EPREFIX}"/usr \ @@ -201,10 +202,7 @@ multilib_src_install() { } multilib_src_install_all() { - # openssl installs perl version of c_rehash by default, but - # we provide a shell version via app-misc/c_rehash - rm "${ED}"/usr/bin/c_rehash || die - + dobin "${WORKDIR}"/c_rehash #333117 dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el dohtml -r doc/* use rfc3779 && dodoc engines/ccgost/README.gost diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.2a.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.2a.ebuild index 6c22a2e934..86acfdea4f 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.2a.ebuild +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.2a.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2015 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Id$ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.2a.ebuild,v 1.9 2015/04/03 05:44:45 vapier Exp $ EAPI="4" diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.2b.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.2b.ebuild index 3ede9dd639..4c7124c19a 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.2b.ebuild +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.2b.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2015 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Id$ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.2b.ebuild,v 1.1 2015/06/11 15:57:04 vapier Exp $ EAPI="4" diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.2c.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.2c.ebuild index 3ede9dd639..6266ae4e3d 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.2c.ebuild +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.2c.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2015 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Id$ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.2c.ebuild,v 1.1 2015/06/12 16:06:03 vapier Exp $ EAPI="4" diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.2d.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.2d.ebuild index 98f1978b30..e06344486e 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.2d.ebuild +++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.2d.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2015 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Id$ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.2d.ebuild,v 1.1 2015/07/09 14:08:16 vapier Exp $ EAPI="4" @@ -15,7 +15,7 @@ SRC_URI="mirror://openssl/source/${MY_P}.tar.gz LICENSE="openssl" SLOT="0" -KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" IUSE="+asm bindist gmp kerberos rfc3779 sctp cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" RESTRICT="!bindist? ( bindist )" @@ -32,12 +32,10 @@ RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) !=dev-libs/gmp-5.1.3-r1[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) zlib? ( >=sys-libs/zlib-1.2.8-r1[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) kerberos? ( >=app-crypt/mit-krb5-1.11.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20140508-r4 !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] ) !=dev-libs/openssl-0.9.8*:0 sys-apps/diffutils >=dev-lang/perl-5 test? ( sys-devel/bc ) +DESCRIPTION=Toolkit for SSL v2/v3 and TLS v1 +EAPI=5 +HOMEPAGE=http://www.openssl.org/ +IUSE=bindist gmp kerberos cpu_flags_x86_sse2 test zlib abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64 +KEYWORDS=alpha amd64 arm ~hppa ia64 ~m68k ~mips ppc ppc64 s390 sh sparc x86 ~sparc-fbsd ~x86-fbsd +LICENSE=openssl +RDEPEND=gmp? ( >=dev-libs/gmp-5.1.3-r1[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) zlib? ( >=sys-libs/zlib-1.2.8-r1[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) kerberos? ( >=app-crypt/mit-krb5-1.11.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20140508-r4 !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] ) !=dev-libs/openssl-0.9.8*:0 +RESTRICT=!bindist? ( bindist ) +SLOT=0.9.8 +SRC_URI=mirror://openssl/source/openssl-0.9.8ze.tar.gz +_eclasses_=eutils 9fb270e417e0e83d64ca52586c4a79de flag-o-matic c9602887773166fe300444712fc7ff98 multibuild 6d4858dc00f8bc51caf3f957f8430eb0 multilib 62927b3db3a589b0806255f3a002d5d3 multilib-build 0983c7893df461213a05f791cc7dea6d multilib-minimal 13dd976916c35a1e2c8d170e840c7018 toolchain-funcs 42408102d713fbad60ca21349865edb4 +_md5_=74def226a2092ede9932aa93660c5537 diff --git a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-0.9.8z_p6 b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-0.9.8z_p6 new file mode 100644 index 0000000000..ba4c463dd0 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-0.9.8z_p6 @@ -0,0 +1,14 @@ +DEFINED_PHASES=compile configure install prepare test +DEPEND=gmp? ( >=dev-libs/gmp-5.1.3-r1[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) zlib? ( >=sys-libs/zlib-1.2.8-r1[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) kerberos? ( >=app-crypt/mit-krb5-1.11.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20140508-r4 !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] ) !=dev-libs/openssl-0.9.8*:0 sys-apps/diffutils >=dev-lang/perl-5 test? ( sys-devel/bc ) +DESCRIPTION=Toolkit for SSL v2/v3 and TLS v1 +EAPI=5 +HOMEPAGE=http://www.openssl.org/ +IUSE=bindist gmp kerberos cpu_flags_x86_sse2 test zlib abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64 +KEYWORDS=alpha amd64 arm ~hppa ~ia64 ~m68k ~mips ppc ~ppc64 ~s390 ~sh ~sparc x86 ~sparc-fbsd ~x86-fbsd +LICENSE=openssl +RDEPEND=gmp? ( >=dev-libs/gmp-5.1.3-r1[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) zlib? ( >=sys-libs/zlib-1.2.8-r1[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) kerberos? ( >=app-crypt/mit-krb5-1.11.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20140508-r4 !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] ) !=dev-libs/openssl-0.9.8*:0 +RESTRICT=!bindist? ( bindist ) +SLOT=0.9.8 +SRC_URI=mirror://openssl/source/openssl-0.9.8zf.tar.gz +_eclasses_=eutils 9fb270e417e0e83d64ca52586c4a79de flag-o-matic c9602887773166fe300444712fc7ff98 multibuild 6d4858dc00f8bc51caf3f957f8430eb0 multilib 62927b3db3a589b0806255f3a002d5d3 multilib-build 0983c7893df461213a05f791cc7dea6d multilib-minimal 13dd976916c35a1e2c8d170e840c7018 toolchain-funcs 42408102d713fbad60ca21349865edb4 +_md5_=3d016dc7f872a5446b775a734d62f9d1 diff --git a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-0.9.8z_p7 b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-0.9.8z_p7 index 375a10a688..0eec6c4279 100644 --- a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-0.9.8z_p7 +++ b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-0.9.8z_p7 @@ -1,5 +1,5 @@ DEFINED_PHASES=compile configure install prepare test -DEPEND=gmp? ( >=dev-libs/gmp-5.1.3-r1[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) zlib? ( >=sys-libs/zlib-1.2.8-r1[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) kerberos? ( >=app-crypt/mit-krb5-1.11.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20140508-r4 !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] ) !=dev-libs/openssl-0.9.8*:0 >=dev-lang/perl-5 test? ( sys-apps/diffutils sys-devel/bc ) +DEPEND=gmp? ( >=dev-libs/gmp-5.1.3-r1[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) zlib? ( >=sys-libs/zlib-1.2.8-r1[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) kerberos? ( >=app-crypt/mit-krb5-1.11.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20140508-r4 !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] ) !=dev-libs/openssl-0.9.8*:0 sys-apps/diffutils >=dev-lang/perl-5 test? ( sys-devel/bc ) DESCRIPTION=Toolkit for SSL v2/v3 and TLS v1 EAPI=5 HOMEPAGE=http://www.openssl.org/ @@ -11,4 +11,4 @@ RESTRICT=!bindist? ( bindist ) SLOT=0.9.8 SRC_URI=mirror://openssl/source/openssl-0.9.8zg.tar.gz _eclasses_=eutils 9fb270e417e0e83d64ca52586c4a79de flag-o-matic c9602887773166fe300444712fc7ff98 multibuild 6d4858dc00f8bc51caf3f957f8430eb0 multilib 62927b3db3a589b0806255f3a002d5d3 multilib-build 0983c7893df461213a05f791cc7dea6d multilib-minimal 13dd976916c35a1e2c8d170e840c7018 toolchain-funcs 42408102d713fbad60ca21349865edb4 -_md5_=3fa339826148a10172d8b343cb801d5b +_md5_=5b3cb1bb190d3cde11ed5c63c5555590 diff --git a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.0r b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.0r new file mode 100644 index 0000000000..50658bf41c --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.0r @@ -0,0 +1,15 @@ +DEFINED_PHASES=compile configure install postinst preinst prepare test unpack +DEPEND=static-libs? ( gmp? ( dev-libs/gmp[static-libs(+)] ) zlib? ( sys-libs/zlib[static-libs(+)] ) kerberos? ( app-crypt/mit-krb5 ) ) !static-libs? ( gmp? ( dev-libs/gmp ) zlib? ( sys-libs/zlib ) kerberos? ( app-crypt/mit-krb5 ) ) sys-apps/diffutils >=dev-lang/perl-5 test? ( sys-devel/bc ) +DESCRIPTION=full-strength general purpose cryptography library (including SSL v2/v3 and TLS v1) +EAPI=4 +HOMEPAGE=http://www.openssl.org/ +IUSE=bindist gmp kerberos rfc3779 cpu_flags_x86_sse2 static-libs test zlib +KEYWORDS=~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~sparc-fbsd ~x86-fbsd +LICENSE=openssl +PDEPEND=app-misc/ca-certificates +RDEPEND=static-libs? ( gmp? ( dev-libs/gmp[static-libs(+)] ) zlib? ( sys-libs/zlib[static-libs(+)] ) kerberos? ( app-crypt/mit-krb5 ) ) !static-libs? ( gmp? ( dev-libs/gmp ) zlib? ( sys-libs/zlib ) kerberos? ( app-crypt/mit-krb5 ) ) +RESTRICT=!bindist? ( bindist ) +SLOT=0 +SRC_URI=mirror://openssl/source/openssl-1.0.0r.tar.gz http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/openssl/openssl-c_rehash.sh?rev=1.7 -> openssl-c_rehash.sh.1.7 +_eclasses_=eutils 9fb270e417e0e83d64ca52586c4a79de flag-o-matic c9602887773166fe300444712fc7ff98 multilib 62927b3db3a589b0806255f3a002d5d3 toolchain-funcs 42408102d713fbad60ca21349865edb4 +_md5_=e9cde23b934ade988aeeec42672d2c6b diff --git a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.1l-r1 b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.1l-r1 new file mode 100644 index 0000000000..d57642b217 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.1l-r1 @@ -0,0 +1,15 @@ +DEFINED_PHASES=compile configure install postinst preinst prepare test unpack +DEPEND=gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) kerberos? ( >=app-crypt/mit-krb5-1.11.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20140406-r3 !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] ) !=dev-lang/perl-5 test? ( sys-devel/bc ) +DESCRIPTION=full-strength general purpose cryptography library (including SSL and TLS) +EAPI=4 +HOMEPAGE=http://www.openssl.org/ +IUSE=bindist gmp kerberos rfc3779 cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64 +KEYWORDS=alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux +LICENSE=openssl +PDEPEND=app-misc/ca-certificates +RDEPEND=gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) kerberos? ( >=app-crypt/mit-krb5-1.11.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20140406-r3 !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] ) ! openssl-c_rehash.sh.1.7 +_eclasses_=eutils 9fb270e417e0e83d64ca52586c4a79de flag-o-matic c9602887773166fe300444712fc7ff98 multibuild 6d4858dc00f8bc51caf3f957f8430eb0 multilib 62927b3db3a589b0806255f3a002d5d3 multilib-build 0983c7893df461213a05f791cc7dea6d multilib-minimal 13dd976916c35a1e2c8d170e840c7018 toolchain-funcs 42408102d713fbad60ca21349865edb4 +_md5_=cb9afcf129e8e78211ea1ab597fc10ce diff --git a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.1m b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.1m new file mode 100644 index 0000000000..f3fc608d59 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.1m @@ -0,0 +1,15 @@ +DEFINED_PHASES=compile configure install postinst preinst prepare test unpack +DEPEND=gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) kerberos? ( >=app-crypt/mit-krb5-1.11.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20140406-r3 !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] ) !=dev-lang/perl-5 test? ( sys-devel/bc ) +DESCRIPTION=full-strength general purpose cryptography library (including SSL and TLS) +EAPI=4 +HOMEPAGE=http://www.openssl.org/ +IUSE=bindist gmp kerberos rfc3779 cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64 +KEYWORDS=alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh ~sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux +LICENSE=openssl +PDEPEND=app-misc/ca-certificates +RDEPEND=gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) kerberos? ( >=app-crypt/mit-krb5-1.11.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20140406-r3 !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] ) ! openssl-c_rehash.sh.1.7 +_eclasses_=eutils 9fb270e417e0e83d64ca52586c4a79de flag-o-matic c9602887773166fe300444712fc7ff98 multibuild 6d4858dc00f8bc51caf3f957f8430eb0 multilib 62927b3db3a589b0806255f3a002d5d3 multilib-build 0983c7893df461213a05f791cc7dea6d multilib-minimal 13dd976916c35a1e2c8d170e840c7018 toolchain-funcs 42408102d713fbad60ca21349865edb4 +_md5_=25c3d5a5f65b895ccb75bcd3e7de7c0d diff --git a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.1n b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.1n new file mode 100644 index 0000000000..e5ce6ed80d --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.1n @@ -0,0 +1,15 @@ +DEFINED_PHASES=compile configure install postinst preinst prepare test unpack +DEPEND=gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) kerberos? ( >=app-crypt/mit-krb5-1.11.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20140406-r3 !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] ) !=dev-lang/perl-5 test? ( sys-devel/bc ) +DESCRIPTION=full-strength general purpose cryptography library (including SSL and TLS) +EAPI=4 +HOMEPAGE=http://www.openssl.org/ +IUSE=bindist gmp kerberos rfc3779 cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64 +KEYWORDS=~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux +LICENSE=openssl +PDEPEND=app-misc/ca-certificates +RDEPEND=gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) kerberos? ( >=app-crypt/mit-krb5-1.11.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20140406-r3 !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] ) ! openssl-c_rehash.sh.1.7 +_eclasses_=eutils 9fb270e417e0e83d64ca52586c4a79de flag-o-matic c9602887773166fe300444712fc7ff98 multibuild 6d4858dc00f8bc51caf3f957f8430eb0 multilib 62927b3db3a589b0806255f3a002d5d3 multilib-build 0983c7893df461213a05f791cc7dea6d multilib-minimal 13dd976916c35a1e2c8d170e840c7018 toolchain-funcs 42408102d713fbad60ca21349865edb4 +_md5_=e84a5577caa7ae71b9718e320417e2f2 diff --git a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.1o b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.1o new file mode 100644 index 0000000000..0b3a57c095 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.1o @@ -0,0 +1,15 @@ +DEFINED_PHASES=compile configure install postinst preinst prepare test unpack +DEPEND=gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) kerberos? ( >=app-crypt/mit-krb5-1.11.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20140406-r3 !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] ) !=dev-lang/perl-5 test? ( sys-devel/bc ) +DESCRIPTION=full-strength general purpose cryptography library (including SSL and TLS) +EAPI=4 +HOMEPAGE=http://www.openssl.org/ +IUSE=bindist gmp kerberos rfc3779 cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64 +KEYWORDS=alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux +LICENSE=openssl +PDEPEND=app-misc/ca-certificates +RDEPEND=gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) kerberos? ( >=app-crypt/mit-krb5-1.11.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20140406-r3 !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] ) ! openssl-c_rehash.sh.1.7 +_eclasses_=eutils 9fb270e417e0e83d64ca52586c4a79de flag-o-matic c9602887773166fe300444712fc7ff98 multibuild 6d4858dc00f8bc51caf3f957f8430eb0 multilib 62927b3db3a589b0806255f3a002d5d3 multilib-build 0983c7893df461213a05f791cc7dea6d multilib-minimal 13dd976916c35a1e2c8d170e840c7018 toolchain-funcs 42408102d713fbad60ca21349865edb4 +_md5_=4dbf32e88915c3c533238d219080a000 diff --git a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.1p b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.1p index d6828ea74c..ba4e8860a7 100644 --- a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.1p +++ b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.1p @@ -4,7 +4,7 @@ DESCRIPTION=full-strength general purpose cryptography library (including SSL an EAPI=4 HOMEPAGE=http://www.openssl.org/ IUSE=bindist gmp kerberos rfc3779 cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64 -KEYWORDS=alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux +KEYWORDS=~alpha amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux LICENSE=openssl PDEPEND=app-misc/ca-certificates RDEPEND=gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) kerberos? ( >=app-crypt/mit-krb5-1.11.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20140406-r3 !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] ) ! openssl-c_rehash.sh.1.7 _eclasses_=eutils 9fb270e417e0e83d64ca52586c4a79de flag-o-matic c9602887773166fe300444712fc7ff98 multibuild 6d4858dc00f8bc51caf3f957f8430eb0 multilib 62927b3db3a589b0806255f3a002d5d3 multilib-build 0983c7893df461213a05f791cc7dea6d multilib-minimal 13dd976916c35a1e2c8d170e840c7018 toolchain-funcs 42408102d713fbad60ca21349865edb4 -_md5_=a27fb25fecb1c50aad2111e8e8675810 +_md5_=eecdcb41257b7cd5a2b6d217e1d660d1 diff --git a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.2-r3 b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.2-r3 new file mode 100644 index 0000000000..2a244ce5e3 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.2-r3 @@ -0,0 +1,15 @@ +DEFINED_PHASES=compile configure install postinst preinst prepare test +DEPEND=gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) kerberos? ( >=app-crypt/mit-krb5-1.11.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20140508 !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] ) !=dev-lang/perl-5 sctp? ( >=net-misc/lksctp-tools-1.0.12 ) test? ( sys-devel/bc ) +DESCRIPTION=full-strength general purpose cryptography library (including SSL and TLS) +EAPI=4 +HOMEPAGE=http://www.openssl.org/ +IUSE=bindist gmp kerberos rfc3779 sctp cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64 +KEYWORDS=~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux +LICENSE=openssl +PDEPEND=app-misc/ca-certificates +RDEPEND=gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) kerberos? ( >=app-crypt/mit-krb5-1.11.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20140508 !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] ) ! openssl-c_rehash.sh.1.7 +_eclasses_=eutils 9fb270e417e0e83d64ca52586c4a79de flag-o-matic c9602887773166fe300444712fc7ff98 multibuild 6d4858dc00f8bc51caf3f957f8430eb0 multilib 62927b3db3a589b0806255f3a002d5d3 multilib-build 0983c7893df461213a05f791cc7dea6d multilib-minimal 13dd976916c35a1e2c8d170e840c7018 toolchain-funcs 42408102d713fbad60ca21349865edb4 +_md5_=615ae023d070fa0694b53834694a0c06 diff --git a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.2a b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.2a index 287c78b935..483a22068f 100644 --- a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.2a +++ b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.2a @@ -12,4 +12,4 @@ RESTRICT=!bindist? ( bindist ) SLOT=0 SRC_URI=mirror://openssl/source/openssl-1.0.2a.tar.gz http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/openssl/openssl-c_rehash.sh?rev=1.7 -> openssl-c_rehash.sh.1.7 _eclasses_=eutils 9fb270e417e0e83d64ca52586c4a79de flag-o-matic c9602887773166fe300444712fc7ff98 multibuild 6d4858dc00f8bc51caf3f957f8430eb0 multilib 62927b3db3a589b0806255f3a002d5d3 multilib-build 0983c7893df461213a05f791cc7dea6d multilib-minimal 13dd976916c35a1e2c8d170e840c7018 toolchain-funcs 42408102d713fbad60ca21349865edb4 -_md5_=2686c7874fc80a71b60d40eebd9c2c47 +_md5_=9aa6dad5826a21ca0b5705c0aa39fb48 diff --git a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.2b b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.2b index f0244410bd..08f9018dbe 100644 --- a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.2b +++ b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.2b @@ -12,4 +12,4 @@ RESTRICT=!bindist? ( bindist ) SLOT=0 SRC_URI=mirror://openssl/source/openssl-1.0.2b.tar.gz http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/openssl/openssl-c_rehash.sh?rev=1.7 -> openssl-c_rehash.sh.1.7 _eclasses_=eutils 9fb270e417e0e83d64ca52586c4a79de flag-o-matic c9602887773166fe300444712fc7ff98 multibuild 6d4858dc00f8bc51caf3f957f8430eb0 multilib 62927b3db3a589b0806255f3a002d5d3 multilib-build 0983c7893df461213a05f791cc7dea6d multilib-minimal 13dd976916c35a1e2c8d170e840c7018 toolchain-funcs 42408102d713fbad60ca21349865edb4 -_md5_=7128477f6d882941c23b1a7c89f82068 +_md5_=79b1f14172a4ddd0a700179a678e0e4c diff --git a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.2c b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.2c index 4a3ab80f39..3234b615d9 100644 --- a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.2c +++ b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.2c @@ -12,4 +12,4 @@ RESTRICT=!bindist? ( bindist ) SLOT=0 SRC_URI=mirror://openssl/source/openssl-1.0.2c.tar.gz http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/openssl/openssl-c_rehash.sh?rev=1.7 -> openssl-c_rehash.sh.1.7 _eclasses_=eutils 9fb270e417e0e83d64ca52586c4a79de flag-o-matic c9602887773166fe300444712fc7ff98 multibuild 6d4858dc00f8bc51caf3f957f8430eb0 multilib 62927b3db3a589b0806255f3a002d5d3 multilib-build 0983c7893df461213a05f791cc7dea6d multilib-minimal 13dd976916c35a1e2c8d170e840c7018 toolchain-funcs 42408102d713fbad60ca21349865edb4 -_md5_=7128477f6d882941c23b1a7c89f82068 +_md5_=e86616486a04bdc2cbc019e058f68c60 diff --git a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.2d b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.2d index ee581777bd..1bd6e64e77 100644 --- a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.2d +++ b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.2d @@ -1,10 +1,10 @@ DEFINED_PHASES=compile configure install postinst preinst prepare test -DEPEND=gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) kerberos? ( >=app-crypt/mit-krb5-1.11.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20140508 !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] ) !=dev-lang/perl-5 sctp? ( >=net-misc/lksctp-tools-1.0.12 ) test? ( sys-apps/diffutils sys-devel/bc ) +DEPEND=gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) kerberos? ( >=app-crypt/mit-krb5-1.11.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20140508 !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] ) !=dev-lang/perl-5 sctp? ( >=net-misc/lksctp-tools-1.0.12 ) test? ( sys-devel/bc ) DESCRIPTION=full-strength general purpose cryptography library (including SSL and TLS) EAPI=4 HOMEPAGE=http://www.openssl.org/ IUSE=+asm bindist gmp kerberos rfc3779 sctp cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64 -KEYWORDS=alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux +KEYWORDS=~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux LICENSE=openssl PDEPEND=app-misc/ca-certificates RDEPEND=gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) kerberos? ( >=app-crypt/mit-krb5-1.11.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20140508 !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] ) ! openssl-c_rehash.sh.1.7 _eclasses_=eutils 9fb270e417e0e83d64ca52586c4a79de flag-o-matic c9602887773166fe300444712fc7ff98 multibuild 6d4858dc00f8bc51caf3f957f8430eb0 multilib 62927b3db3a589b0806255f3a002d5d3 multilib-build 0983c7893df461213a05f791cc7dea6d multilib-minimal 13dd976916c35a1e2c8d170e840c7018 toolchain-funcs 42408102d713fbad60ca21349865edb4 -_md5_=6d70e0ee8914b6ac6fc4cf24318ab900 +_md5_=4ecf9fd50a1117373599d0f2082234c1 diff --git a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.2d-r2 b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.2d-r2 deleted file mode 100644 index 36abc79902..0000000000 --- a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/openssl-1.0.2d-r2 +++ /dev/null @@ -1,15 +0,0 @@ -DEFINED_PHASES=compile configure install postinst preinst prepare test -DEPEND=>=app-misc/c_rehash-1.7-r1 gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) kerberos? ( >=app-crypt/mit-krb5-1.11.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20140508 !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] ) !=dev-lang/perl-5 sctp? ( >=net-misc/lksctp-tools-1.0.12 ) test? ( sys-apps/diffutils sys-devel/bc ) -DESCRIPTION=full-strength general purpose cryptography library (including SSL and TLS) -EAPI=4 -HOMEPAGE=http://www.openssl.org/ -IUSE=+asm bindist gmp kerberos rfc3779 sctp cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64 -KEYWORDS=~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux -LICENSE=openssl -PDEPEND=app-misc/ca-certificates -RDEPEND=>=app-misc/c_rehash-1.7-r1 gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) kerberos? ( >=app-crypt/mit-krb5-1.11.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] ) abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20140508 !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] ) !