blob: 7aeb36b7bc6f743f4db11ef9e54615cc0b40dde5 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
|
# Maintainer: A. Wilcox <awilfox@adelielinux.org>
pkgname=openssl
pkgver=1.0.2p
pkgrel=0
pkgdesc="Toolkit for SSL v2/v3 and TLS v1"
url="https://www.openssl.org/"
arch="all"
license="OpenSSL"
depends=
makedepends_build="perl"
makedepends_host="zlib-dev"
makedepends="$makedepends_host $makedepends_build"
depends_dev="zlib-dev"
checkdepends="perl"
subpackages="$pkgname-dbg $pkgname-dev $pkgname-doc libcrypto1.0:libcrypto
libssl1.0:libssl"
source="http://www.openssl.org/source/${pkgname}-${pkgver}.tar.gz
0002-busybox-basename.patch
0003-use-termios.patch
0004-fix-default-ca-path-for-apps.patch
0005-fix-parallel-build.patch
0006-add-ircv3-tls-3.1-extension-support-to-s_client.patch
0008-maintain-abi-compat-with-no-freelist-and-regular-bui.patch
0009-no-rpath.patch
0010-ssl-env-zlib.patch
1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
1002-backport-changes-from-upstream-padlock-module.patch
1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
"
# secfixes:
# 1.0.2h-r0:
# - CVE-2016-2107
# - CVE-2016-2105
# - CVE-2016-2106
# - CVE-2016-2109
# - CVE-2016-2176
# 1.0.2h-r1:
# - CVE-2016-2177
# - CVE-2016-2178
# 1.0.2h-r2:
# - CVE-2016-2180
# 1.0.2h-r3:
# - CVE-2016-2179
# - CVE-2016-2182
# - CVE-2016-6302
# - CVE-2016-6303
# 1.0.2h-r4:
# - CVE-2016-2181
# 1.0.2i-r0:
# - CVE-2016-2183
# - CVE-2016-6304
# - CVE-2016-6306
# 1.0.2m-r0:
# - CVE-2017-3735
# - CVE-2017-3736
# 1.0.2n-r0:
# - CVE-2017-3737
# - CVE-2017-3738
# 1.0.2o-r0:
# - CVE-2018-0739
# - CVE-2018-0737
# - CVE-2018-0732
builddir="$srcdir"/$pkgname-$pkgver
build() {
local _target _optflags
cd "$builddir"
# openssl will prepend crosscompile always core CC et al
CC=${CC#${CROSS_COMPILE}}
CXX=${CXX#${CROSS_COMPILE}}
CPP=${CPP#${CROSS_COMPILE}}
# determine target OS for openssl
case "$CARCH" in
aarch64*) _target="linux-aarch64" ;;
arm*) _target="linux-armv4" ;;
ppc) _target="linux-ppc" ;;
ppc64) _target="linux-ppc64"; _optflags="no-asm" ;;
ppc64le) _target="linux-ppc64le" ;;
i528 | pmmx | x86) _target="linux-elf" ;;
x86_64) _target="linux-x86_64"; _optflags="enable-ec_nistp_64_gcc_128" ;;
s390x) _target="linux64-s390x";;
*) msg "Unable to determine architecture from (CARCH=$CARCH)" ; return 1 ;;
esac
# Configure assumes --options are for it, so can't use
# gcc's --sysroot fake this by overriding CC
[ -n "$CBUILDROOT" ] && CC="$CC --sysroot=${CBUILDROOT}"
perl ./Configure $_target --prefix=/usr \
--libdir=lib \
--openssldir=/etc/ssl \
shared zlib enable-montasm enable-md2 $_optflags \
-DOPENSSL_NO_BUF_FREELISTS \
$CPPFLAGS $CFLAGS $LDFLAGS -Wa,--noexecstack \
enable-ssl2
make && make build-shared
}
check() {
cd "$builddir"
make -j1 test
}
package() {
cd "$builddir"
make INSTALL_PREFIX="$pkgdir" MANDIR=/usr/share/man MANSUFFIX=ssl install
# remove the script c_rehash
rm "$pkgdir"/usr/bin/c_rehash
}
libcrypto() {
pkgdesc="Crypto library from openssl"
mkdir -p "$subpkgdir"/lib "$subpkgdir"/usr/lib
for i in "$pkgdir"/usr/lib/libcrypto*; do
mv $i "$subpkgdir"/lib/
ln -s ../../lib/${i##*/} "$subpkgdir"/usr/lib/${i##*/}
done
mv "$pkgdir"/usr/lib/engines "$subpkgdir"/usr/lib/
}
libssl() {
pkgdesc="SSL shared libraries"
mkdir -p "$subpkgdir"/lib "$subpkgdir"/usr/lib
for i in "$pkgdir"/usr/lib/libssl*; do
mv $i "$subpkgdir"/lib/
ln -s ../../lib/${i##*/} "$subpkgdir"/usr/lib/${i##*/}
done
}
dev() {
provides="libressl-dev=9999"
default_dev
}
sha512sums="958c5a7c3324bbdc8f07dfb13e11329d9a1b4452c07cf41fbd2d42b5fe29c95679332a3476d24c2dc2b88be16e4a24744aba675a05a388c0905756c77a8a2f16 openssl-1.0.2p.tar.gz
2244f46cb18e6b98f075051dd2446c47f7590abccd108fbab707f168a20cad8d32220d704635973f09e3b2879f523be5160f1ffbc12ab3900f8a8891dc855c5c 0002-busybox-basename.patch
58e42058a0c8086c49d681b1e226da39a8cf8cb88c51cf739dec2ff12e1bb5d7208ac5033264b186d58e9bdfe992fe9ddb95701d01caf1824396b2cefe30c0a4 0003-use-termios.patch
c67472879a31b5dbdd313892df6d37e7c93e8c0237d406c30d50b1016c2618ead3c13277f5dc723ef1ceed092d36e3c15a9777daa844f59b9fa2b0a4f04fd9ae 0004-fix-default-ca-path-for-apps.patch
5d4191482f8bbf62c75fe6bc2d9587388022c3310703c2a913788a983b1d1406e706cf3916a5792604f0b0f220a87432d3b82b442cea9915f2abb6fdd8478fcb 0005-fix-parallel-build.patch
820d4ce1c222696fe3f1dd0d11815c06262ec230fdb174532fd507286667a0aefbf858ea5edac4245a54b950cd0556545ecd0c5cf494692a2ba131c667e7bcd5 0006-add-ircv3-tls-3.1-extension-support-to-s_client.patch
17ad683bb91a3a3c5bcc456c8aed7f0b42414c6de06ebafa4753af93c42d9827c9978a43d4d53d741a45df7f7895c6f6163172af57cc7b391cfd15f45ce6c351 0008-maintain-abi-compat-with-no-freelist-and-regular-bui.patch
5dbbc01985190ae1254350fb12565beb6abb916b6a7bb1f0f22d9762b1e575d124aaf9aa4cfe5f908e420978f691072d48c61a72660f09dfd6d9a2f83f862bc1 0009-no-rpath.patch
5febe20948e3f12d981e378e1f4ea538711657aacb6865a1aa91339d4a04277e250f490a1f2abc2c6f290bdc2b1bffdba1d00983b4c09f7ea983eef8163f9420 0010-ssl-env-zlib.patch
8c181760d7a149aa18d246d50f1c0438ffb63c98677b05306dfc00400ad0429b47d31e7c8d85126005c67f743d23e7a8a81174ffe98556f4caf9cf6b04d9ff17 1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
a3555440b5f544bfd6b9ad97557d8f4c1d673f6a35219f65056a72035d186be5f354717ddf9784899b602464d48657b090ade24379552d43af97609c0f48c389 1002-backport-changes-from-upstream-padlock-module.patch
6353c7a94016c20db5d683dde37775f6780952ecdb1a5f39f878d04ba37f6ad79ae10fb6d65d181d912505a5d1e22463004cd855d548b364c00b120da2b0fdbc 1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch"
|