summaryrefslogtreecommitdiff
path: root/system/openssl/APKBUILD
diff options
context:
space:
mode:
authorA. Wilcox <AWilcox@Wilcox-Tech.com>2020-01-14 13:32:21 +0000
committerA. Wilcox <AWilcox@Wilcox-Tech.com>2020-01-14 13:32:21 +0000
commit9e9c63dfc7673456279d0d2772f5c07476b0c113 (patch)
tree72e5036b1b3ff84f3fa5162b7dfc30a96c398adb /system/openssl/APKBUILD
parent916779a634240e6d663ce5335761b9a976f8849e (diff)
downloadpackages-9e9c63dfc7673456279d0d2772f5c07476b0c113.tar.gz
packages-9e9c63dfc7673456279d0d2772f5c07476b0c113.tar.bz2
packages-9e9c63dfc7673456279d0d2772f5c07476b0c113.tar.xz
packages-9e9c63dfc7673456279d0d2772f5c07476b0c113.zip
system/openssl: Bump to 1.1.1d
Diffstat (limited to 'system/openssl/APKBUILD')
-rw-r--r--system/openssl/APKBUILD63
1 files changed, 21 insertions, 42 deletions
diff --git a/system/openssl/APKBUILD b/system/openssl/APKBUILD
index 3a777064b..dc4c4aab4 100644
--- a/system/openssl/APKBUILD
+++ b/system/openssl/APKBUILD
@@ -1,30 +1,19 @@
# Maintainer: A. Wilcox <awilfox@adelielinux.org>
pkgname=openssl
-pkgver=1.0.2t
+pkgver=1.1.1d
pkgrel=0
-pkgdesc="Toolkit for SSL v2/v3 and TLS v1"
+pkgdesc="Toolkit for SSL and TLS"
url="https://www.openssl.org/"
arch="all"
license="OpenSSL"
depends=""
-depends_dev="zlib-dev"
checkdepends="perl"
makedepends_build="perl"
-makedepends_host="zlib-dev"
-makedepends="$makedepends_host $makedepends_build"
-subpackages="$pkgname-dbg $pkgname-dev $pkgname-doc libcrypto1.0:libcrypto
- libssl1.0:libssl"
+subpackages="$pkgname-dbg $pkgname-dev $pkgname-doc libcrypto1.1:libcrypto
+ libssl1.1:libssl"
source="https://www.openssl.org/source/${pkgname}-${pkgver}.tar.gz
- 0003-use-termios.patch
- 0004-fix-default-ca-path-for-apps.patch
- 0005-fix-parallel-build.patch
- 0006-add-ircv3-tls-3.1-extension-support-to-s_client.patch
- 0008-maintain-abi-compat-with-no-freelist-and-regular-bui.patch
- 0009-no-rpath.patch
- 0010-ssl-env-zlib.patch
- 1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
- 1002-backport-changes-from-upstream-padlock-module.patch
- 1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
+ CVE-2019-1551.patch
+ ppc64.patch
"
# secfixes:
@@ -67,6 +56,8 @@ source="https://www.openssl.org/source/${pkgname}-${pkgver}.tar.gz
# 1.0.2t-r0:
# - CVE-2019-1547
# - CVE-2019-1563
+# 1.1.1d-r0:
+# - CVE-2019-1551
build() {
# openssl will prepend crosscompile always core CC et al
@@ -79,10 +70,10 @@ build() {
aarch64*) _target="linux-aarch64" ;;
arm*) _target="linux-armv4" ;;
ppc) _target="linux-ppc" ;;
- ppc64) _target="linux-ppc64"; _optflags="no-asm" ;;
+ ppc64) _target="linux-ppc64" ;;
ppc64le) _target="linux-ppc64le" ;;
i528 | pmmx | x86) _target="linux-elf" ;;
- x86_64) _target="linux-x86_64"; _optflags="enable-ec_nistp_64_gcc_128" ;;
+ x86_64) _target="linux-x86_64" ;;
s390x) _target="linux64-s390x";;
*) msg "Unable to determine architecture from (CARCH=$CARCH)" ; return 1 ;;
esac
@@ -94,37 +85,33 @@ build() {
perl ./Configure $_target --prefix=/usr \
--libdir=lib \
--openssldir=/etc/ssl \
- shared zlib enable-montasm enable-md2 $_optflags \
- -DOPENSSL_NO_BUF_FREELISTS \
- $CPPFLAGS $CFLAGS $LDFLAGS -Wa,--noexecstack \
- enable-ssl2
-
- make && make build-shared
+ shared no-zlib enable-md2 no-weak-ssl-ciphers \
+ $CPPFLAGS $CFLAGS $LDFLAGS -Wa,--noexecstack
+ make
}
check() {
- make -j1 test
+ make test
}
package() {
- make INSTALL_PREFIX="$pkgdir" MANDIR=/usr/share/man MANSUFFIX=ssl install
- # remove the script c_rehash
+ make DESTDIR="$pkgdir" install
rm "$pkgdir"/usr/bin/c_rehash
}
libcrypto() {
- pkgdesc="Crypto library from openssl"
+ pkgdesc="OpenSSL cryptography library"
mkdir -p "$subpkgdir"/lib "$subpkgdir"/usr/lib
for i in "$pkgdir"/usr/lib/libcrypto*; do
mv $i "$subpkgdir"/lib/
ln -s ../../lib/${i##*/} "$subpkgdir"/usr/lib/${i##*/}
done
- mv "$pkgdir"/usr/lib/engines "$subpkgdir"/usr/lib/
+ mv "$pkgdir"/usr/lib/engines-1.1 "$subpkgdir"/usr/lib/
}
libssl() {
- pkgdesc="SSL shared libraries"
+ pkgdesc="OpenSSL socket library"
mkdir -p "$subpkgdir"/lib "$subpkgdir"/usr/lib
for i in "$pkgdir"/usr/lib/libssl*; do
@@ -133,14 +120,6 @@ libssl() {
done
}
-sha512sums="0b88868933f42fab87e8b22449435a1091cc6e75f986aad6c173e01ad123161fcae8c226759073701bc65c9f2f0b6ce6a63a61203008ed873cfb6e484f32bc71 openssl-1.0.2t.tar.gz
-58e42058a0c8086c49d681b1e226da39a8cf8cb88c51cf739dec2ff12e1bb5d7208ac5033264b186d58e9bdfe992fe9ddb95701d01caf1824396b2cefe30c0a4 0003-use-termios.patch
-c67472879a31b5dbdd313892df6d37e7c93e8c0237d406c30d50b1016c2618ead3c13277f5dc723ef1ceed092d36e3c15a9777daa844f59b9fa2b0a4f04fd9ae 0004-fix-default-ca-path-for-apps.patch
-5d4191482f8bbf62c75fe6bc2d9587388022c3310703c2a913788a983b1d1406e706cf3916a5792604f0b0f220a87432d3b82b442cea9915f2abb6fdd8478fcb 0005-fix-parallel-build.patch
-820d4ce1c222696fe3f1dd0d11815c06262ec230fdb174532fd507286667a0aefbf858ea5edac4245a54b950cd0556545ecd0c5cf494692a2ba131c667e7bcd5 0006-add-ircv3-tls-3.1-extension-support-to-s_client.patch
-17ad683bb91a3a3c5bcc456c8aed7f0b42414c6de06ebafa4753af93c42d9827c9978a43d4d53d741a45df7f7895c6f6163172af57cc7b391cfd15f45ce6c351 0008-maintain-abi-compat-with-no-freelist-and-regular-bui.patch
-5dbbc01985190ae1254350fb12565beb6abb916b6a7bb1f0f22d9762b1e575d124aaf9aa4cfe5f908e420978f691072d48c61a72660f09dfd6d9a2f83f862bc1 0009-no-rpath.patch
-5febe20948e3f12d981e378e1f4ea538711657aacb6865a1aa91339d4a04277e250f490a1f2abc2c6f290bdc2b1bffdba1d00983b4c09f7ea983eef8163f9420 0010-ssl-env-zlib.patch
-8c181760d7a149aa18d246d50f1c0438ffb63c98677b05306dfc00400ad0429b47d31e7c8d85126005c67f743d23e7a8a81174ffe98556f4caf9cf6b04d9ff17 1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
-a3555440b5f544bfd6b9ad97557d8f4c1d673f6a35219f65056a72035d186be5f354717ddf9784899b602464d48657b090ade24379552d43af97609c0f48c389 1002-backport-changes-from-upstream-padlock-module.patch
-6353c7a94016c20db5d683dde37775f6780952ecdb1a5f39f878d04ba37f6ad79ae10fb6d65d181d912505a5d1e22463004cd855d548b364c00b120da2b0fdbc 1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch"
+sha512sums="2bc9f528c27fe644308eb7603c992bac8740e9f0c3601a130af30c9ffebbf7e0f5c28b76a00bbb478bad40fbe89b4223a58d604001e1713da71ff4b7fe6a08a7 openssl-1.1.1d.tar.gz
+11ca61515a89766241fe0fae27f3b39767128915f288ea88840bf93e8b50ac416024cb2153efcdf2658d3e82a8e4250a0c069333dbd7347475f9dafcc45370b5 CVE-2019-1551.patch
+66bbb0ae769643c8a0b1501d9c8466f08f0d8b3b2bc4fcc2c0c054ab1971ced85c07aa0e4b8168a4394d0ae407dfbd26066a7a068602ce5b58e459b12ce6d36a ppc64.patch"