Backup_Repos/pentoo-overlay
1
0
Fork 0
mirror of https://github.com/pentoo/pentoo-overlay synced 2026-04-22 23:01:02 +02:00
Code Issues Projects Releases Wiki Activity

openssl-chacha: remove. No longer required by sslyze, and messing up the https://github.com/repology/repology-rules/issues/28

Browse source
This commit is contained in:
blshkv 2019-06-30 06:46:06 +08:00
parent 053d1cd64c
commit 2b861e9998
No known key found for this signature in database
GPG key ID: 273E3E90D1A6294F
11 changed files with 0 additions and 1602 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

169
dev-libs/openssl-chacha/files/gentoo.config-1.0.2
View file

@ -1,169 +0,0 @@
#!/usr/bin/env bash
# Copyright 1999-2014 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
#
# Openssl doesn't play along nicely with cross-compiling
# like autotools based projects, so let's teach it new tricks.
#
# Review the bundled 'config' script to see why kind of targets
# we can pass to the 'Configure' script.
# Testing routines
if [[ $1 == "test" ]] ; then
for c in \
"arm-gentoo-linux-uclibc |linux-generic32 -DL_ENDIAN" \
"armv5b-linux-gnu |linux-armv4 -DB_ENDIAN" \
"x86_64-pc-linux-gnu |linux-x86_64" \
"alpha-linux-gnu |linux-alpha-gcc" \
"alphaev56-unknown-linux-gnu |linux-alpha+bwx-gcc" \
"i686-pc-linux-gnu |linux-elf" \
"whatever-gentoo-freebsdX.Y |BSD-generic32" \
"i686-gentoo-freebsdX.Y |BSD-x86-elf" \
"sparc64-alpha-freebsdX.Y |BSD-sparc64" \
"ia64-gentoo-freebsd5.99234 |BSD-ia64" \
"x86_64-gentoo-freebsdX.Y |BSD-x86_64" \
"hppa64-aldsF-linux-gnu5.3 |linux-generic32 -DB_ENDIAN" \
"powerpc-gentOO-linux-uclibc |linux-ppc" \
"powerpc64-unk-linux-gnu |linux-ppc64" \
"powerpc64le-linux-gnu |linux-ppc64le" \
"x86_64-apple-darwinX |darwin64-x86_64-cc" \
"powerpc64-apple-darwinX |darwin64-ppc-cc" \
"i686-apple-darwinX |darwin-i386-cc" \
"i386-apple-darwinX |darwin-i386-cc" \
"powerpc-apple-darwinX |darwin-ppc-cc" \
"i586-pc-winnt |winnt-parity" \
"s390-ibm-linux-gnu |linux-generic32 -DB_ENDIAN" \
"s390x-linux-gnu |linux64-s390x" \
;do
CHOST=${c/|*}
ret_want=${c/*|}
ret_got=$(CHOST=${CHOST} "$0")
if [[ ${ret_want} == "${ret_got}" ]] ; then
echo "PASS: ${CHOST}"
else
echo "FAIL: ${CHOST}"
echo -e "\twanted: ${ret_want}"
echo -e "\twe got: ${ret_got}"
fi
done
exit 0
fi
[[ -z ${CHOST} && -n $1 ]] && CHOST=$1
# Detect the operating system
case ${CHOST} in
*-aix*) system="aix";;
*-darwin*) system="darwin";;
*-freebsd*) system="BSD";;
*-hpux*) system="hpux";;
*-linux*) system="linux";;
*-solaris*) system="solaris";;
*-winnt*) system="winnt";;
x86_64-*-mingw*) system="mingw64";;
*mingw*) system="mingw";;
*) exit 0;;
esac
# Compiler munging
compiler="gcc"
if [[ ${CC} == "ccc" ]] ; then
compiler=${CC}
fi
# Detect target arch
machine=""
chost_machine=${CHOST%%-*}
case ${system} in
linux)
case ${chost_machine}:${ABI} in
aarch64*be*) machine="generic64 -DB_ENDIAN";;
aarch64*) machine="generic64 -DL_ENDIAN";;
alphaev56*|\
alphaev[678]*)machine=alpha+bwx-${compiler};;
alpha*) machine=alpha-${compiler};;
armv[4-9]*b*) machine="armv4 -DB_ENDIAN";;
armv[4-9]*) machine="armv4 -DL_ENDIAN";;
arm*b*) machine="generic32 -DB_ENDIAN";;
arm*) machine="generic32 -DL_ENDIAN";;
avr*) machine="generic32 -DL_ENDIAN";;
bfin*) machine="generic32 -DL_ENDIAN";;
# hppa64*) machine=parisc64;;
hppa*) machine="generic32 -DB_ENDIAN";;
i[0-9]86*|\
x86_64*:x86) machine=elf;;
ia64*) machine=ia64;;
m68*) machine="generic32 -DB_ENDIAN";;
mips*el*) machine="generic32 -DL_ENDIAN";;
mips*) machine="generic32 -DB_ENDIAN";;
powerpc64*le*)machine=ppc64le;;
powerpc64*) machine=ppc64;;
powerpc*le*) machine="generic32 -DL_ENDIAN";;
powerpc*) machine=ppc;;
# sh64*) machine=elf;;
sh*b*) machine="generic32 -DB_ENDIAN";;
sh*) machine="generic32 -DL_ENDIAN";;
# TODO: Might want to do -mcpu probing like glibc to determine a
# better default for sparc-linux-gnu targets. This logic will
# break v7 and older systems when they use it.
sparc*v7*) machine="generic32 -DB_ENDIAN";;
sparc64*) machine=sparcv9 system=linux64;;
sparc*v9*) machine=sparcv9;;
sparc*v8*) machine=sparcv8;;
sparc*) machine=sparcv8;;
s390x*) machine=s390x system=linux64;;
s390*) machine="generic32 -DB_ENDIAN";;
x86_64*:x32) machine=x32;;
x86_64*) machine=x86_64;;
esac
;;
BSD)
case ${chost_machine} in
alpha*) machine=generic64;;
i[6-9]86*) machine=x86-elf;;
ia64*) machine=ia64;;
sparc64*) machine=sparc64;;
x86_64*) machine=x86_64;;
*) machine=generic32;;
esac
;;
aix)
machine=${compiler}
;;
darwin)
case ${chost_machine} in
powerpc64) machine=ppc-cc; system=${system}64;;
powerpc) machine=ppc-cc;;
i?86*) machine=i386-cc;;
x86_64) machine=x86_64-cc; system=${system}64;;
esac
;;
hpux)
case ${chost_machine} in
ia64) machine=ia64-${compiler} ;;
esac
;;
solaris)
case ${chost_machine} in
i386) machine=x86-${compiler} ;;
x86_64*) machine=x86_64-${compiler}; system=${system}64;;
sparcv9*) machine=sparcv9-${compiler}; system=${system}64;;
sparc*) machine=sparcv8-${compiler};;
esac
;;
winnt)
machine=parity
;;
mingw*)
# special case ... no xxx-yyy style name
echo ${system}
;;
esac
# If we have something, show it
[[ -n ${machine} ]] && echo ${system}-${machine}

29
dev-libs/openssl-chacha/files/openssl-1.0.0a-ldflags.patch
View file

@ -1,29 +0,0 @@
http://bugs.gentoo.org/181438
http://bugs.gentoo.org/327421
https://rt.openssl.org/Ticket/Display.html?id=3331&user=guest&pass=guest
make sure we respect LDFLAGS
also make sure we don't add useless -rpath flags to the system libdir
--- Makefile.org
+++ Makefile.org
@@ -189,6 +189,7 @@
MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD $(MAKEDEPPROG)' \
DEPFLAG='-DOPENSSL_NO_DEPRECATED $(DEPFLAG)' \
MAKEDEPPROG='$(MAKEDEPPROG)' \
+ LDFLAGS='${LDFLAGS}' \
SHARED_LDFLAGS='$(SHARED_LDFLAGS)' \
KRB5_INCLUDES='$(KRB5_INCLUDES)' LIBKRB5='$(LIBKRB5)' \
ZLIB_INCLUDE='$(ZLIB_INCLUDE)' LIBZLIB='$(LIBZLIB)' \
--- Makefile.shared
+++ Makefile.shared
@@ -153,7 +153,7 @@
NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
-DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"
+DO_GNU_APP=LDFLAGS="$(LDFLAGS) $(CFLAGS)"
#This is rather special. It's a special target with which one can link
#applications without bothering with any features that have anything to

30
dev-libs/openssl-chacha/files/openssl-1.0.1p-default-source.patch
View file

@ -1,30 +0,0 @@
https://bugs.gentoo.org/554338
https://rt.openssl.org/Ticket/Display.html?id=3934&user=guest&pass=guest
From 7c2e97f8bbae517496fdc11f475b4ae54b2534f5 Mon Sep 17 00:00:00 2001
From: Mike Frysinger <vapier@gentoo.org>
Date: Fri, 10 Jul 2015 01:50:52 -0400
Subject: [PATCH] test: use _DEFAULT_SOURCE with newer glibc versions
The _BSD_SOURCE macro is replaced by the _DEFAULT_SOURCE macro. Using
just the former with newer versions leads to a build time warning, so
make sure to use the new macro too.
---
ssl/ssltest.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/ssl/ssltest.c b/ssl/ssltest.c
index 26cf96c..b36f667 100644
--- a/ssl/ssltest.c
+++ b/ssl/ssltest.c
@@ -141,6 +141,7 @@
*/
/* Or gethostname won't be declared properly on Linux and GNU platforms. */
+#define _DEFAULT_SOURCE 1
#define _BSD_SOURCE 1
#include <assert.h>
--
2.4.4

611
dev-libs/openssl-chacha/files/openssl-1.0.2-ipv6.patch
View file

@ -1,611 +0,0 @@
http://rt.openssl.org/Ticket/Display.html?id=2051&user=guest&pass=guest
--- openssl-1.0.2/apps/s_apps.h
+++ openssl-1.0.2/apps/s_apps.h
@@ -154,7 +154,7 @@
int do_server(int port, int type, int *ret,
int (*cb) (char *hostname, int s, int stype,
unsigned char *context), unsigned char *context,
- int naccept);
+ int naccept, int use_ipv4, int use_ipv6);
#ifdef HEADER_X509_H
int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
#endif
@@ -167,7 +167,8 @@
int ssl_print_curves(BIO *out, SSL *s, int noshared);
#endif
int ssl_print_tmp_key(BIO *out, SSL *s);
-int init_client(int *sock, char *server, int port, int type);
+int init_client(int *sock, char *server, int port, int type,
+ int use_ipv4, int use_ipv6);
int should_retry(int i);
int extract_port(char *str, short *port_ptr);
int extract_host_port(char *str, char **host_ptr, unsigned char *ip,
--- openssl-1.0.2/apps/s_client.c
+++ openssl-1.0.2/apps/s_client.c
@@ -302,6 +302,10 @@
{
BIO_printf(bio_err, "usage: s_client args\n");
BIO_printf(bio_err, "\n");
+ BIO_printf(bio_err, " -4 - use IPv4 only\n");
+#if OPENSSL_USE_IPV6
+ BIO_printf(bio_err, " -6 - use IPv6 only\n");
+#endif
BIO_printf(bio_err, " -host host - use -connect instead\n");
BIO_printf(bio_err, " -port port - use -connect instead\n");
BIO_printf(bio_err,
@@ -658,6 +662,7 @@
int sbuf_len, sbuf_off;
fd_set readfds, writefds;
short port = PORT;
+ int use_ipv4, use_ipv6;
int full_log = 1;
char *host = SSL_HOST_NAME;
char *cert_file = NULL, *key_file = NULL, *chain_file = NULL;
@@ -709,7 +714,11 @@
#endif
char *sess_in = NULL;
char *sess_out = NULL;
- struct sockaddr peer;
+#if OPENSSL_USE_IPV6
+ struct sockaddr_storage peer;
+#else
+ struct sockaddr_in peer;
+#endif
int peerlen = sizeof(peer);
int fallback_scsv = 0;
int enable_timeouts = 0;
@@ -737,6 +746,12 @@
meth = SSLv23_client_method();
+ use_ipv4 = 1;
+#if OPENSSL_USE_IPV6
+ use_ipv6 = 1;
+#else
+ use_ipv6 = 0;
+#endif
apps_startup();
c_Pause = 0;
c_quiet = 0;
@@ -1096,6 +1111,16 @@
jpake_secret = *++argv;
}
#endif
+ else if (strcmp(*argv,"-4") == 0) {
+ use_ipv4 = 1;
+ use_ipv6 = 0;
+ }
+#if OPENSSL_USE_IPV6
+ else if (strcmp(*argv,"-6") == 0) {
+ use_ipv4 = 0;
+ use_ipv6 = 1;
+ }
+#endif
#ifndef OPENSSL_NO_SRTP
else if (strcmp(*argv, "-use_srtp") == 0) {
if (--argc < 1)
@@ -1421,7 +1446,7 @@
re_start:
- if (init_client(&s, host, port, socket_type) == 0) {
+ if (init_client(&s, host, port, socket_type, use_ipv4, use_ipv6) == 0) {
BIO_printf(bio_err, "connect:errno=%d\n", get_last_socket_error());
SHUTDOWN(s);
goto end;
@@ -1444,7 +1469,7 @@
if (socket_type == SOCK_DGRAM) {
sbio = BIO_new_dgram(s, BIO_NOCLOSE);
- if (getsockname(s, &peer, (void *)&peerlen) < 0) {
+ if (getsockname(s, (struct sockaddr *)&peer, (void *)&peerlen) < 0) {
BIO_printf(bio_err, "getsockname:errno=%d\n",
get_last_socket_error());
SHUTDOWN(s);
--- openssl-1.0.2/apps/s_server.c
+++ openssl-1.0.2/apps/s_server.c
@@ -643,6 +643,10 @@
BIO_printf(bio_err,
" -alpn arg - set the advertised protocols for the ALPN extension (comma-separated list)\n");
#endif
+ BIO_printf(bio_err, " -4 - use IPv4 only\n");
+#if OPENSSL_USE_IPV6
+ BIO_printf(bio_err, " -6 - use IPv6 only\n");
+#endif
BIO_printf(bio_err,
" -keymatexport label - Export keying material using label\n");
BIO_printf(bio_err,
@@ -1070,6 +1074,7 @@
int state = 0;
const SSL_METHOD *meth = NULL;
int socket_type = SOCK_STREAM;
+ int use_ipv4, use_ipv6;
ENGINE *e = NULL;
char *inrand = NULL;
int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM;
@@ -1111,6 +1116,12 @@
meth = SSLv23_server_method();
+ use_ipv4 = 1;
+#if OPENSSL_USE_IPV6
+ use_ipv6 = 1;
+#else
+ use_ipv6 = 0;
+#endif
local_argc = argc;
local_argv = argv;
@@ -1503,6 +1514,16 @@
jpake_secret = *(++argv);
}
#endif
+ else if (strcmp(*argv,"-4") == 0) {
+ use_ipv4 = 1;
+ use_ipv6 = 0;
+ }
+#if OPENSSL_USE_IPV6
+ else if (strcmp(*argv,"-6") == 0) {
+ use_ipv4 = 0;
+ use_ipv6 = 1;
+ }
+#endif
#ifndef OPENSSL_NO_SRTP
else if (strcmp(*argv, "-use_srtp") == 0) {
if (--argc < 1)
@@ -2023,13 +2044,13 @@
(void)BIO_flush(bio_s_out);
if (rev)
do_server(port, socket_type, &accept_socket, rev_body, context,
- naccept);
+ naccept, use_ipv4, use_ipv6);
else if (www)
do_server(port, socket_type, &accept_socket, www_body, context,
- naccept);
+ naccept, use_ipv4, use_ipv6);
else
do_server(port, socket_type, &accept_socket, sv_body, context,
- naccept);
+ naccept, use_ipv4, use_ipv6);
print_stats(bio_s_out, ctx);
ret = 0;
end:
--- openssl-1.0.2/apps/s_socket.c
+++ openssl-1.0.2/apps/s_socket.c
@@ -101,16 +101,16 @@
# include "netdb.h"
# endif
-static struct hostent *GetHostByName(char *name);
+static struct hostent *GetHostByName(char *name, int domain);
# if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
static void ssl_sock_cleanup(void);
# endif
static int ssl_sock_init(void);
-static int init_client_ip(int *sock, unsigned char ip[4], int port, int type);
-static int init_server(int *sock, int port, int type);
-static int init_server_long(int *sock, int port, char *ip, int type);
+static int init_client_ip(int *sock, unsigned char *ip, int port, int type, int domain);
+static int init_server(int *sock, int port, int type, int use_ipv4, int use_ipv6);
+static int init_server_long(int *sock, int port, char *ip, int type, int use_ipv4, int use_ipv6);
static int do_accept(int acc_sock, int *sock, char **host);
-static int host_ip(char *str, unsigned char ip[4]);
+static int host_ip(char *str, unsigned char *ip, int domain);
# ifdef OPENSSL_SYS_WIN16
# define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
@@ -231,38 +231,68 @@
return (1);
}
-int init_client(int *sock, char *host, int port, int type)
+int init_client(int *sock, char *host, int port, int type, int use_ipv4, int use_ipv6)
{
+# if OPENSSL_USE_IPV6
+ unsigned char ip[16];
+# else
unsigned char ip[4];
+# endif
- memset(ip, '\0', sizeof ip);
- if (!host_ip(host, &(ip[0])))
- return 0;
- return init_client_ip(sock, ip, port, type);
-}
-
-static int init_client_ip(int *sock, unsigned char ip[4], int port, int type)
-{
- unsigned long addr;
+ if (use_ipv4)
+ if (host_ip(host, ip, AF_INET))
+ return(init_client_ip(sock, ip, port, type, AF_INET));
+# if OPENSSL_USE_IPV6
+ if (use_ipv6)
+ if (host_ip(host, ip, AF_INET6))
+ return(init_client_ip(sock, ip, port, type, AF_INET6));
+# endif
+ return 0;
+}
+
+static int init_client_ip(int *sock, unsigned char ip[4], int port, int type, int domain)
+{
+# if OPENSSL_USE_IPV6
+ struct sockaddr_storage them;
+ struct sockaddr_in *them_in = (struct sockaddr_in *)&them;
+ struct sockaddr_in6 *them_in6 = (struct sockaddr_in6 *)&them;
+# else
struct sockaddr_in them;
+ struct sockaddr_in *them_in = &them;
+# endif
+ socklen_t addr_len;
int s, i;
if (!ssl_sock_init())
return (0);
memset((char *)&them, 0, sizeof(them));
- them.sin_family = AF_INET;
- them.sin_port = htons((unsigned short)port);
- addr = (unsigned long)
- ((unsigned long)ip[0] << 24L) |
- ((unsigned long)ip[1] << 16L) |
- ((unsigned long)ip[2] << 8L) | ((unsigned long)ip[3]);
- them.sin_addr.s_addr = htonl(addr);
+ if (domain == AF_INET) {
+ addr_len = (socklen_t)sizeof(struct sockaddr_in);
+ them_in->sin_family=AF_INET;
+ them_in->sin_port=htons((unsigned short)port);
+# ifndef BIT_FIELD_LIMITS
+ memcpy(&them_in->sin_addr.s_addr, ip, 4);
+# else
+ memcpy(&them_in->sin_addr, ip, 4);
+# endif
+ }
+ else
+# if OPENSSL_USE_IPV6
+ {
+ addr_len = (socklen_t)sizeof(struct sockaddr_in6);
+ them_in6->sin6_family=AF_INET6;
+ them_in6->sin6_port=htons((unsigned short)port);
+ memcpy(&(them_in6->sin6_addr), ip, sizeof(struct in6_addr));
+ }
+# else
+ return(0);
+# endif
if (type == SOCK_STREAM)
- s = socket(AF_INET, SOCK_STREAM, SOCKET_PROTOCOL);
+ s = socket(domain, SOCK_STREAM, SOCKET_PROTOCOL);
else /* ( type == SOCK_DGRAM) */
- s = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
+ s = socket(domain, SOCK_DGRAM, IPPROTO_UDP);
if (s == INVALID_SOCKET) {
perror("socket");
@@ -280,7 +310,7 @@
}
# endif
- if (connect(s, (struct sockaddr *)&them, sizeof(them)) == -1) {
+ if (connect(s, (struct sockaddr *)&them, addr_len) == -1) {
closesocket(s);
perror("connect");
return (0);
@@ -292,14 +322,14 @@
int do_server(int port, int type, int *ret,
int (*cb) (char *hostname, int s, int stype,
unsigned char *context), unsigned char *context,
- int naccept)
+ int naccept, int use_ipv4, int use_ipv6)
{
int sock;
char *name = NULL;
int accept_socket = 0;
int i;
- if (!init_server(&accept_socket, port, type))
+ if (!init_server(&accept_socket, port, type, use_ipv4, use_ipv6))
return (0);
if (ret != NULL) {
@@ -328,32 +358,41 @@
}
}
-static int init_server_long(int *sock, int port, char *ip, int type)
+static int init_server_long(int *sock, int port, char *ip, int type, int use_ipv4, int use_ipv6)
{
int ret = 0;
+ int domain;
+# if OPENSSL_USE_IPV6
+ struct sockaddr_storage server;
+ struct sockaddr_in *server_in = (struct sockaddr_in *)&server;
+ struct sockaddr_in6 *server_in6 = (struct sockaddr_in6 *)&server;
+# else
struct sockaddr_in server;
+ struct sockaddr_in *server_in = &server;
+# endif
+ socklen_t addr_len;
int s = -1;
+ if (!use_ipv4 && !use_ipv6)
+ goto err;
+# if OPENSSL_USE_IPV6
+ /* we are fine here */
+# else
+ if (use_ipv6)
+ goto err;
+# endif
if (!ssl_sock_init())
return (0);
- memset((char *)&server, 0, sizeof(server));
- server.sin_family = AF_INET;
- server.sin_port = htons((unsigned short)port);
- if (ip == NULL)
- server.sin_addr.s_addr = INADDR_ANY;
- else
-/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */
-# ifndef BIT_FIELD_LIMITS
- memcpy(&server.sin_addr.s_addr, ip, 4);
+#if OPENSSL_USE_IPV6
+ domain = use_ipv6 ? AF_INET6 : AF_INET;
# else
- memcpy(&server.sin_addr, ip, 4);
+ domain = AF_INET;
# endif
-
if (type == SOCK_STREAM)
- s = socket(AF_INET, SOCK_STREAM, SOCKET_PROTOCOL);
- else /* type == SOCK_DGRAM */
- s = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
+ s=socket(domain, SOCK_STREAM, SOCKET_PROTOCOL);
+ else /* type == SOCK_DGRAM */
+ s=socket(domain, SOCK_DGRAM, IPPROTO_UDP);
if (s == INVALID_SOCKET)
goto err;
@@ -363,7 +402,42 @@
setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void *)&j, sizeof j);
}
# endif
- if (bind(s, (struct sockaddr *)&server, sizeof(server)) == -1) {
+# if OPENSSL_USE_IPV6
+ if ((use_ipv4 == 0) && (use_ipv6 == 1)) {
+ const int on = 1;
+
+ setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY,
+ (const void *) &on, sizeof(int));
+ }
+# endif
+ if (domain == AF_INET) {
+ addr_len = (socklen_t)sizeof(struct sockaddr_in);
+ memset(server_in, 0, sizeof(struct sockaddr_in));
+ server_in->sin_family=AF_INET;
+ server_in->sin_port = htons((unsigned short)port);
+ if (ip == NULL)
+ server_in->sin_addr.s_addr = htonl(INADDR_ANY);
+ else
+/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */
+# ifndef BIT_FIELD_LIMITS
+ memcpy(&server_in->sin_addr.s_addr, ip, 4);
+# else
+ memcpy(&server_in->sin_addr, ip, 4);
+# endif
+ }
+# if OPENSSL_USE_IPV6
+ else {
+ addr_len = (socklen_t)sizeof(struct sockaddr_in6);
+ memset(server_in6, 0, sizeof(struct sockaddr_in6));
+ server_in6->sin6_family = AF_INET6;
+ server_in6->sin6_port = htons((unsigned short)port);
+ if (ip == NULL)
+ server_in6->sin6_addr = in6addr_any;
+ else
+ memcpy(&server_in6->sin6_addr, ip, sizeof(struct in6_addr));
+ }
+# endif
+ if (bind(s, (struct sockaddr *)&server, addr_len) == -1) {
# ifndef OPENSSL_SYS_WINDOWS
perror("bind");
# endif
@@ -381,16 +455,23 @@
return (ret);
}
-static int init_server(int *sock, int port, int type)
+static int init_server(int *sock, int port, int type, int use_ipv4, int use_ipv6)
{
- return (init_server_long(sock, port, NULL, type));
+ return (init_server_long(sock, port, NULL, type, use_ipv4, use_ipv6));
}
static int do_accept(int acc_sock, int *sock, char **host)
{
int ret;
struct hostent *h1, *h2;
- static struct sockaddr_in from;
+#if OPENSSL_USE_IPV6
+ struct sockaddr_storage from;
+ struct sockaddr_in *from_in = (struct sockaddr_in *)&from;
+ struct sockaddr_in6 *from_in6 = (struct sockaddr_in6 *)&from;
+#else
+ struct sockaddr_in from;
+ struct sockaddr_in *from_in = &from;
+#endif
int len;
/* struct linger ling; */
@@ -440,14 +521,25 @@
if (host == NULL)
goto end;
+# if OPENSSL_USE_IPV6
+ if (from.ss_family == AF_INET)
+# else
+ if (from.sin_family == AF_INET)
+# endif
# ifndef BIT_FIELD_LIMITS
- /* I should use WSAAsyncGetHostByName() under windows */
- h1 = gethostbyaddr((char *)&from.sin_addr.s_addr,
- sizeof(from.sin_addr.s_addr), AF_INET);
+ /* I should use WSAAsyncGetHostByName() under windows */
+ h1 = gethostbyaddr((char *)&from_in->sin_addr.s_addr,
+ sizeof(from_in->sin_addr.s_addr), AF_INET);
# else
- h1 = gethostbyaddr((char *)&from.sin_addr,
- sizeof(struct in_addr), AF_INET);
+ h1 = gethostbyaddr((char *)&from_in->sin_addr,
+ sizeof(struct in_addr), AF_INET);
+# endif
+# if OPENSSL_USE_IPV6
+ else
+ h1 = gethostbyaddr((char *)&from_in6->sin6_addr,
+ sizeof(struct in6_addr), AF_INET6);
# endif
+
if (h1 == NULL) {
BIO_printf(bio_err, "bad gethostbyaddr\n");
*host = NULL;
@@ -460,14 +552,22 @@
}
BUF_strlcpy(*host, h1->h_name, strlen(h1->h_name) + 1);
- h2 = GetHostByName(*host);
+# if OPENSSL_USE_IPV6
+ h2=GetHostByName(*host, from.ss_family);
+# else
+ h2=GetHostByName(*host, from.sin_family);
+# endif
if (h2 == NULL) {
BIO_printf(bio_err, "gethostbyname failure\n");
closesocket(ret);
return (0);
}
- if (h2->h_addrtype != AF_INET) {
- BIO_printf(bio_err, "gethostbyname addr is not AF_INET\n");
+# if OPENSSL_USE_IPV6
+ if (h2->h_addrtype != from.ss_family) {
+# else
+ if (h2->h_addrtype != from.sin_family) {
+# endif
+ BIO_printf(bio_err, "gethostbyname addr is not correct\n");
closesocket(ret);
return (0);
}
@@ -483,14 +583,14 @@
char *h, *p;
h = str;
- p = strchr(str, ':');
+ p = strrchr(str, ':');
if (p == NULL) {
BIO_printf(bio_err, "no port defined\n");
return (0);
}
*(p++) = '\0';
- if ((ip != NULL) && !host_ip(str, ip))
+ if ((ip != NULL) && !host_ip(str, ip, AF_INET))
goto err;
if (host_ptr != NULL)
*host_ptr = h;
@@ -502,44 +602,51 @@
return (0);
}
-static int host_ip(char *str, unsigned char ip[4])
+static int host_ip(char *str, unsigned char *ip, int domain)
{
unsigned int in[4];
+ unsigned long l;
int i;
- if (sscanf(str, "%u.%u.%u.%u", &(in[0]), &(in[1]), &(in[2]), &(in[3])) ==
- 4) {
+ if ((domain == AF_INET) && (sscanf(str, "%u.%u.%u.%u", &(in[0]), &(in[1]), &(in[2]), &(in[3])) == 4)) {
for (i = 0; i < 4; i++)
if (in[i] > 255) {
BIO_printf(bio_err, "invalid IP address\n");
goto err;
}
- ip[0] = in[0];
- ip[1] = in[1];
- ip[2] = in[2];
- ip[3] = in[3];
- } else { /* do a gethostbyname */
+ l=htonl((in[0]<<24L)|(in[1]<<16L)|(in[2]<<8L)|in[3]);
+ memcpy(ip, &l, 4);
+ return 1;
+ }
+# if OPENSSL_USE_IPV6
+ else if ((domain == AF_INET6) && (inet_pton(AF_INET6, str, ip) == 1))
+ return 1;
+# endif
+ else { /* do a gethostbyname */
struct hostent *he;
if (!ssl_sock_init())
return (0);
- he = GetHostByName(str);
+ he = GetHostByName(str, domain);
if (he == NULL) {
BIO_printf(bio_err, "gethostbyname failure\n");
goto err;
}
/* cast to short because of win16 winsock definition */
- if ((short)he->h_addrtype != AF_INET) {
- BIO_printf(bio_err, "gethostbyname addr is not AF_INET\n");
+ if ((short)he->h_addrtype != domain) {
+ BIO_printf(bio_err, "gethostbyname addr is not correct\n");
return (0);
}
- ip[0] = he->h_addr_list[0][0];
- ip[1] = he->h_addr_list[0][1];
- ip[2] = he->h_addr_list[0][2];
- ip[3] = he->h_addr_list[0][3];
+ if (domain == AF_INET)
+ memset(ip, 0, 4);
+# if OPENSSL_USE_IPV6
+ else
+ memset(ip, 0, 16);
+# endif
+ memcpy(ip, he->h_addr_list[0], he->h_length);
+ return 1;
}
- return (1);
err:
return (0);
}
@@ -573,7 +680,7 @@
static unsigned long ghbn_hits = 0L;
static unsigned long ghbn_miss = 0L;
-static struct hostent *GetHostByName(char *name)
+static struct hostent *GetHostByName(char *name, int domain)
{
struct hostent *ret;
int i, lowi = 0;
@@ -585,13 +692,18 @@
lowi = i;
}
if (ghbn_cache[i].order > 0) {
- if (strncmp(name, ghbn_cache[i].name, 128) == 0)
+ if ((strncmp(name, ghbn_cache[i].name, 128) == 0) && (ghbn_cache[i].ent.h_addrtype == domain))
break;
}
}
if (i == GHBN_NUM) { /* no hit */
ghbn_miss++;
- ret = gethostbyname(name);
+ if (domain == AF_INET)
+ ret = gethostbyname(name);
+# if OPENSSL_USE_IPV6
+ else
+ ret = gethostbyname2(name, AF_INET6);
+# endif
if (ret == NULL)
return (NULL);
/* else add to cache */

64
dev-libs/openssl-chacha/files/openssl-1.0.2a-parallel-install-dirs.patch
View file

@ -1,64 +0,0 @@
https://rt.openssl.org/Ticket/Display.html?id=3736&user=guest&pass=guest
From aba899f2eca21e11e5e9797bf8258e7265dea9f5 Mon Sep 17 00:00:00 2001
From: Mike Frysinger <vapier@gentoo.org>
Date: Sun, 8 Mar 2015 01:32:01 -0500
Subject: [PATCH] fix parallel install with dir creation
The mkdir-p.pl does not handle parallel creation of directories.
This comes up when the install_sw and install_docs rules run and
both call mkdir-p.pl on sibling directory trees.
Instead, lets create a single install_dirs rule that makes all of
the dirs we need, and have these two install steps depend on that.
---
Makefile.org | 17 +++++++++--------
1 file changed, 9 insertions(+), 8 deletions(-)
diff --git a/Makefile.org b/Makefile.org
index a6d9471..78e6143 100644
--- a/Makefile.org
+++ b/Makefile.org
@@ -536,9 +536,9 @@
dist_pem_h:
(cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
-install: all install_docs install_sw
+install: install_docs install_sw
-install_sw:
+install_dirs:
@$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \
$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \
@@ -547,6 +547,13 @@
$(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
$(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
$(INSTALL_PREFIX)$(OPENSSLDIR)/private
+ @$(PERL) $(TOP)/util/mkdir-p.pl \
+ $(INSTALL_PREFIX)$(MANDIR)/man1 \
+ $(INSTALL_PREFIX)$(MANDIR)/man3 \
+ $(INSTALL_PREFIX)$(MANDIR)/man5 \
+ $(INSTALL_PREFIX)$(MANDIR)/man7
+
+install_sw: install_dirs
@set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
@@ -636,12 +643,7 @@
done; \
done
-install_docs:
- @$(PERL) $(TOP)/util/mkdir-p.pl \
- $(INSTALL_PREFIX)$(MANDIR)/man1 \
- $(INSTALL_PREFIX)$(MANDIR)/man3 \
- $(INSTALL_PREFIX)$(MANDIR)/man5 \
- $(INSTALL_PREFIX)$(MANDIR)/man7
+install_docs: install_dirs
@pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \
here="`pwd`"; \
filecase=; \
--
2.3.4

37
dev-libs/openssl-chacha/files/openssl-1.0.2a-parallel-obj-headers.patch
View file

@ -1,37 +0,0 @@
https://rt.openssl.org/Ticket/Display.html?id=3737&user=guest&pass=guest
From ce279d4361e07e9af9ceca8a6e326e661758ad53 Mon Sep 17 00:00:00 2001
From: Mike Frysinger <vapier@gentoo.org>
Date: Sun, 8 Mar 2015 01:34:48 -0500
Subject: [PATCH] fix parallel generation of obj headers
The current code has dummy sleep/touch commands to try and work
around the parallel issue, but that is obviously racy. Instead
lets force one of the files to depend on the other so we know
they'll never run in parallel.
---
crypto/objects/Makefile | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/crypto/objects/Makefile b/crypto/objects/Makefile
index ad2db1e..7d32504 100644
--- a/crypto/objects/Makefile
+++ b/crypto/objects/Makefile
@@ -44,11 +44,11 @@
# objects.pl both reads and writes obj_mac.num
obj_mac.h: objects.pl objects.txt obj_mac.num
$(PERL) objects.pl objects.txt obj_mac.num obj_mac.h
- @sleep 1; touch obj_mac.h; sleep 1
-obj_xref.h: objxref.pl obj_xref.txt obj_mac.num
+# This doesn't really need obj_mac.h, but since that rule reads & writes
+# obj_mac.num, we can't run in parallel with it.
+obj_xref.h: objxref.pl obj_xref.txt obj_mac.num obj_mac.h
$(PERL) objxref.pl obj_mac.num obj_xref.txt > obj_xref.h
- @sleep 1; touch obj_xref.h; sleep 1
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
--
2.3.4

63
dev-libs/openssl-chacha/files/openssl-1.0.2a-parallel-symlinking.patch
View file

@ -1,63 +0,0 @@
https://rt.openssl.org/Ticket/Display.html?id=3780&user=guest&pass=guest
From cc81af135bda47eaa6956a0329cbbc55bf993ac1 Mon Sep 17 00:00:00 2001
From: Mike Frysinger <vapier@gentoo.org>
Date: Fri, 3 Apr 2015 01:16:23 -0400
Subject: [PATCH] fix race when symlink shareds libs
When the crypto/ssl targets attempt to build their shared libs, they run:
cd ..; make libcrypto.so.1.0.0
The top level Makefile in turn runs the build-shared target for that lib.
The build-shared target depends on both do_$(SHLIB_TARGET) & link-shared.
When building in parallel, make is allowed to run both of these. They
both run Makefile.shared for their respective targets:
do_$(SHLIB_TARGET) ->
link_a.linux-shared ->
link_a.gnu ->
...; $(LINK_SO_A) ->
$(LINK_SO) ->
$(SYMLINK_SO)
link-shared ->
symlink.linux-shared ->
symlink.gnu ->
...; $(SYMLINK_SO)
The shell code for SYMLINK_SO attempts to do a [ -e lib ] check, but fails
basic TOCTOU semantics. Depending on the load, that means two processes
will run the sequence:
rm -f libcrypto.so
ln -s libcrypto.so.1.0.0 libcrypto.so
Which obviously fails:
ln: failed to create symbolic link 'libcrypto.so': File exists
Since we know do_$(SHLIB_TARGET) will create the symlink for us, don't
bother depending on link-shared at all in the top level Makefile when
building things.
Reported-by: Martin von Gagern <Martin.vGagern@gmx.net>
URL: https://bugs.gentoo.org/545028
---
Makefile.org | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/Makefile.org b/Makefile.org
index 890bfe4..576c60e 100644
--- a/Makefile.org
+++ b/Makefile.org
@@ -350,7 +350,10 @@ link-shared:
libs="$$libs -l$$i"; \
done
-build-shared: do_$(SHLIB_TARGET) link-shared
+# The link target in Makefile.shared will create the symlink for us, so no need
+# to call link-shared directly. Doing so will cause races with two processes
+# trying to symlink the lib.
+build-shared: do_$(SHLIB_TARGET)
do_$(SHLIB_TARGET):
@ set -e; libs='-L. $(SHLIBDEPS)'; for i in $(SHLIBDIRS); do \
--
2.3.4

43
dev-libs/openssl-chacha/files/openssl-1.0.2a-x32-asm.patch
View file

@ -1,43 +0,0 @@
https://rt.openssl.org/Ticket/Display.html?id=3759&user=guest&pass=guest
From 6257d59b3a68d2feb9d64317a1c556dc3813ee61 Mon Sep 17 00:00:00 2001
From: Mike Frysinger <vapier@gentoo.org>
Date: Sat, 21 Mar 2015 06:01:25 -0400
Subject: [PATCH] crypto: use bigint in x86-64 perl
When building on x32 systems where the default type is 32bit, make sure
we can transparently represent 64bit integers. Otherwise we end up with
build errors like:
/usr/bin/perl asm/ghash-x86_64.pl elf > ghash-x86_64.s
Integer overflow in hexadecimal number at asm/../../perlasm/x86_64-xlate.pl line 201, <> line 890.
...
ghash-x86_64.s: Assembler messages:
ghash-x86_64.s:890: Error: junk '.15473355479995e+19' after expression
We don't enable this globally as there are some cases where we'd get
32bit values interpreted as unsigned when we need them as signed.
Reported-by: Bertrand Jacquin <bertrand@jacquin.bzh>
URL: https://bugs.gentoo.org/542618
---
crypto/perlasm/x86_64-xlate.pl | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/crypto/perlasm/x86_64-xlate.pl b/crypto/perlasm/x86_64-xlate.pl
index aae8288..0bf9774 100755
--- a/crypto/perlasm/x86_64-xlate.pl
+++ b/crypto/perlasm/x86_64-xlate.pl
@@ -195,6 +195,10 @@ my %globals;
sub out {
my $self = shift;
+ # When building on x32 ABIs, the expanded hex value might be too
+ # big to fit into 32bits. Enable transparent 64bit support here
+ # so we can safely print it out.
+ use bigint;
if ($gas) {
# Solaris /usr/ccs/bin/as can't handle multiplications
# in $self->{value}
--
2.3.3

326
dev-libs/openssl-chacha/files/openssl-1.0.2i-parallel-build.patch
View file

@ -1,326 +0,0 @@
--- openssl-1.0.2i/crypto/Makefile
+++ openssl-1.0.2i/crypto/Makefile
@@ -85,11 +85,11 @@
@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
subdirs:
- @target=all; $(RECURSIVE_MAKE)
+ +@target=all; $(RECURSIVE_MAKE)
files:
$(PERL) $(TOP)/util/files.pl "CPUID_OBJ=$(CPUID_OBJ)" Makefile >> $(TOP)/MINFO
- @target=files; $(RECURSIVE_MAKE)
+ +@target=files; $(RECURSIVE_MAKE)
links:
@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
@@ -100,7 +100,7 @@
# lib: $(LIB): are splitted to avoid end-less loop
lib: $(LIB)
@touch lib
-$(LIB): $(LIBOBJ)
+$(LIB): $(LIBOBJ) | subdirs
$(AR) $(LIB) $(LIBOBJ)
test -z "$(FIPSLIBDIR)" || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o
$(RANLIB) $(LIB) || echo Never mind.
@@ -111,7 +111,7 @@
fi
libs:
- @target=lib; $(RECURSIVE_MAKE)
+ +@target=lib; $(RECURSIVE_MAKE)
install:
@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
@@ -120,7 +120,7 @@
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
done;
- @target=install; $(RECURSIVE_MAKE)
+ +@target=install; $(RECURSIVE_MAKE)
lint:
@target=lint; $(RECURSIVE_MAKE)
--- openssl-1.0.2i/engines/Makefile
+++ openssl-1.0.2i/engines/Makefile
@@ -72,7 +72,7 @@
all: lib subdirs
-lib: $(LIBOBJ)
+lib: $(LIBOBJ) | subdirs
@if [ -n "$(SHARED_LIBS)" ]; then \
set -e; \
for l in $(LIBNAMES); do \
@@ -89,7 +89,7 @@
subdirs:
echo $(EDIRS)
- @target=all; $(RECURSIVE_MAKE)
+ +@target=all; $(RECURSIVE_MAKE)
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
@@ -128,7 +128,7 @@
mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \
done; \
fi
- @target=install; $(RECURSIVE_MAKE)
+ +@target=install; $(RECURSIVE_MAKE)
tags:
ctags $(SRC)
--- openssl-1.0.2i/Makefile.org
+++ openssl-1.0.2i/Makefile.org
@@ -281,17 +281,17 @@
build_libssl: build_ssl libssl.pc
build_crypto:
- @dir=crypto; target=all; $(BUILD_ONE_CMD)
+ +@dir=crypto; target=all; $(BUILD_ONE_CMD)
build_ssl: build_crypto
- @dir=ssl; target=all; $(BUILD_ONE_CMD)
+ +@dir=ssl; target=all; $(BUILD_ONE_CMD)
build_engines: build_crypto
- @dir=engines; target=all; $(BUILD_ONE_CMD)
+ +@dir=engines; target=all; $(BUILD_ONE_CMD)
build_apps: build_libs
- @dir=apps; target=all; $(BUILD_ONE_CMD)
+ +@dir=apps; target=all; $(BUILD_ONE_CMD)
build_tests: build_libs
- @dir=test; target=all; $(BUILD_ONE_CMD)
+ +@dir=test; target=all; $(BUILD_ONE_CMD)
build_tools: build_libs
- @dir=tools; target=all; $(BUILD_ONE_CMD)
+ +@dir=tools; target=all; $(BUILD_ONE_CMD)
all_testapps: build_libs build_testapps
build_testapps:
@@ -547,7 +547,7 @@
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
done;
- @set -e; target=install; $(RECURSIVE_BUILD_CMD)
+ +@set -e; target=install; $(RECURSIVE_BUILD_CMD)
@set -e; liblist="$(LIBS)"; for i in $$liblist ;\
do \
if [ -f "$$i" ]; then \
--- openssl-1.0.2i/Makefile.shared
+++ openssl-1.0.2i/Makefile.shared
@@ -105,6 +105,7 @@
SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \
LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \
LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \
+ [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \
LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \
$${SHAREDCMD} $${SHAREDFLAGS} \
-o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \
@@ -122,6 +123,7 @@
done; \
fi; \
if [ -n "$$SHLIB_SOVER" ]; then \
+ [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \
( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \
ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \
fi; \
--- openssl-1.0.2i/test/Makefile
+++ openssl-1.0.2i/test/Makefile
@@ -144,7 +144,7 @@
tags:
ctags $(SRC)
-tests: exe apps $(TESTS)
+tests: exe $(TESTS)
apps:
@(cd ..; $(MAKE) DIRS=apps all)
@@ -435,136 +435,136 @@
link_app.$${shlib_target}
$(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO)
- @target=$(RSATEST); $(BUILD_CMD)
+ +@target=$(RSATEST); $(BUILD_CMD)
$(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO)
- @target=$(BNTEST); $(BUILD_CMD)
+ +@target=$(BNTEST); $(BUILD_CMD)
$(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO)
- @target=$(ECTEST); $(BUILD_CMD)
+ +@target=$(ECTEST); $(BUILD_CMD)
$(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO)
- @target=$(EXPTEST); $(BUILD_CMD)
+ +@target=$(EXPTEST); $(BUILD_CMD)
$(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO)
- @target=$(IDEATEST); $(BUILD_CMD)
+ +@target=$(IDEATEST); $(BUILD_CMD)
$(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO)
- @target=$(MD2TEST); $(BUILD_CMD)
+ +@target=$(MD2TEST); $(BUILD_CMD)
$(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO)
- @target=$(SHATEST); $(BUILD_CMD)
+ +@target=$(SHATEST); $(BUILD_CMD)
$(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO)
- @target=$(SHA1TEST); $(BUILD_CMD)
+ +@target=$(SHA1TEST); $(BUILD_CMD)
$(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO)
- @target=$(SHA256TEST); $(BUILD_CMD)
+ +@target=$(SHA256TEST); $(BUILD_CMD)
$(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO)
- @target=$(SHA512TEST); $(BUILD_CMD)
+ +@target=$(SHA512TEST); $(BUILD_CMD)
$(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO)
- @target=$(RMDTEST); $(BUILD_CMD)
+ +@target=$(RMDTEST); $(BUILD_CMD)
$(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO)
- @target=$(MDC2TEST); $(BUILD_CMD)
+ +@target=$(MDC2TEST); $(BUILD_CMD)
$(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO)
- @target=$(MD4TEST); $(BUILD_CMD)
+ +@target=$(MD4TEST); $(BUILD_CMD)
$(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO)
- @target=$(MD5TEST); $(BUILD_CMD)
+ +@target=$(MD5TEST); $(BUILD_CMD)
$(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO)
- @target=$(HMACTEST); $(BUILD_CMD)
+ +@target=$(HMACTEST); $(BUILD_CMD)
$(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO)
- @target=$(WPTEST); $(BUILD_CMD)
+ +@target=$(WPTEST); $(BUILD_CMD)
$(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO)
- @target=$(RC2TEST); $(BUILD_CMD)
+ +@target=$(RC2TEST); $(BUILD_CMD)
$(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO)
- @target=$(BFTEST); $(BUILD_CMD)
+ +@target=$(BFTEST); $(BUILD_CMD)
$(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO)
- @target=$(CASTTEST); $(BUILD_CMD)
+ +@target=$(CASTTEST); $(BUILD_CMD)
$(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO)
- @target=$(RC4TEST); $(BUILD_CMD)
+ +@target=$(RC4TEST); $(BUILD_CMD)
$(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO)
- @target=$(RC5TEST); $(BUILD_CMD)
+ +@target=$(RC5TEST); $(BUILD_CMD)
$(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO)
- @target=$(DESTEST); $(BUILD_CMD)
+ +@target=$(DESTEST); $(BUILD_CMD)
$(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO)
- @target=$(RANDTEST); $(BUILD_CMD)
+ +@target=$(RANDTEST); $(BUILD_CMD)
$(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO)
- @target=$(DHTEST); $(BUILD_CMD)
+ +@target=$(DHTEST); $(BUILD_CMD)
$(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO)
- @target=$(DSATEST); $(BUILD_CMD)
+ +@target=$(DSATEST); $(BUILD_CMD)
$(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO)
- @target=$(METHTEST); $(BUILD_CMD)
+ +@target=$(METHTEST); $(BUILD_CMD)
$(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
- @target=$(SSLTEST); $(FIPS_BUILD_CMD)
+ +@target=$(SSLTEST); $(FIPS_BUILD_CMD)
$(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO)
- @target=$(ENGINETEST); $(BUILD_CMD)
+ +@target=$(ENGINETEST); $(BUILD_CMD)
$(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO)
- @target=$(EVPTEST); $(BUILD_CMD)
+ +@target=$(EVPTEST); $(BUILD_CMD)
$(EVPEXTRATEST)$(EXE_EXT): $(EVPEXTRATEST).o $(DLIBCRYPTO)
- @target=$(EVPEXTRATEST); $(BUILD_CMD)
+ +@target=$(EVPEXTRATEST); $(BUILD_CMD)
$(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO)
- @target=$(ECDSATEST); $(BUILD_CMD)
+ +@target=$(ECDSATEST); $(BUILD_CMD)
$(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO)
- @target=$(ECDHTEST); $(BUILD_CMD)
+ +@target=$(ECDHTEST); $(BUILD_CMD)
$(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO)
- @target=$(IGETEST); $(BUILD_CMD)
+ +@target=$(IGETEST); $(BUILD_CMD)
$(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO)
- @target=$(JPAKETEST); $(BUILD_CMD)
+ +@target=$(JPAKETEST); $(BUILD_CMD)
$(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO)
- @target=$(ASN1TEST); $(BUILD_CMD)
+ +@target=$(ASN1TEST); $(BUILD_CMD)
$(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO)
- @target=$(SRPTEST); $(BUILD_CMD)
+ +@target=$(SRPTEST); $(BUILD_CMD)
$(V3NAMETEST)$(EXE_EXT): $(V3NAMETEST).o $(DLIBCRYPTO)
- @target=$(V3NAMETEST); $(BUILD_CMD)
+ +@target=$(V3NAMETEST); $(BUILD_CMD)
$(HEARTBEATTEST)$(EXE_EXT): $(HEARTBEATTEST).o $(DLIBCRYPTO)
- @target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC)
+ +@target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC)
$(CONSTTIMETEST)$(EXE_EXT): $(CONSTTIMETEST).o
- @target=$(CONSTTIMETEST) $(BUILD_CMD)
+ +@target=$(CONSTTIMETEST) $(BUILD_CMD)
$(VERIFYEXTRATEST)$(EXE_EXT): $(VERIFYEXTRATEST).o
- @target=$(VERIFYEXTRATEST) $(BUILD_CMD)
+ +@target=$(VERIFYEXTRATEST) $(BUILD_CMD)
$(CLIENTHELLOTEST)$(EXE_EXT): $(CLIENTHELLOTEST).o
- @target=$(CLIENTHELLOTEST) $(BUILD_CMD)
+ +@target=$(CLIENTHELLOTEST) $(BUILD_CMD)
$(BADDTLSTEST)$(EXE_EXT): $(BADDTLSTEST).o
- @target=$(BADDTLSTEST) $(BUILD_CMD)
+ +@target=$(BADDTLSTEST) $(BUILD_CMD)
$(SSLV2CONFTEST)$(EXE_EXT): $(SSLV2CONFTEST).o
- @target=$(SSLV2CONFTEST) $(BUILD_CMD)
+ +@target=$(SSLV2CONFTEST) $(BUILD_CMD)
$(DTLSTEST)$(EXE_EXT): $(DTLSTEST).o ssltestlib.o $(DLIBSSL) $(DLIBCRYPTO)
- @target=$(DTLSTEST); exobj=ssltestlib.o; $(BUILD_CMD)
+ +@target=$(DTLSTEST); exobj=ssltestlib.o; $(BUILD_CMD)
#$(AESTEST).o: $(AESTEST).c
# $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c
@@ -577,7 +577,7 @@
# fi
dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO)
- @target=dummytest; $(BUILD_CMD)
+ +@target=dummytest; $(BUILD_CMD)
# DO NOT DELETE THIS LINE -- make depend depends on it.

10
dev-libs/openssl-chacha/metadata.xml
View file

@ -1,10 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="person">
<email>blshkv@pentoo.org</email>
</maintainer>
<upstream>
<remote-id type="github">PeterMosmans/openssl</remote-id>
</upstream>
</pkgmetadata>

220
dev-libs/openssl-chacha/openssl-chacha-1.0.2_p20170706.ebuild
View file

@ -1,220 +0,0 @@
# Copyright 1999-2017 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
EAPI="5"
inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal git-r3
DESCRIPTION="Extra featured OpenSSL with ChaCha20 and Poly1305 support"
HOMEPAGE="https://github.com/PeterMosmans/openssl"
EGIT_REPO_URI="https://github.com/PeterMosmans/openssl.git"
EGIT_BRANCH="1.0.2-chacha"
EGIT_COMMIT="c9ba19c8b7fd131137373dbd1fccd6a8bb0628be"
LICENSE="openssl"
SLOT="1.0.2"
KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux"
IUSE="+asm bindist gmp kerberos rfc3779 sctp cpu_flags_x86_sse2 +sslv2 +sslv3 +static-libs test +tls-heartbeat vanilla zlib"
RESTRICT="!bindist? ( bindist )"
RDEPEND=">=app-misc/c_rehash-1.7-r1
gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] )"
DEPEND="${RDEPEND}
>=dev-lang/perl-5
sctp? ( >=net-misc/lksctp-tools-1.0.12 )
test? (
sys-apps/diffutils
sys-devel/bc
)"
PDEPEND="app-misc/ca-certificates"
MULTILIB_WRAPPED_HEADERS=(
usr/include/openssl/opensslconf.h
)
# Do not install any docs
DOCS=()
src_prepare() {
# keep this in sync with app-misc/c_rehash
SSL_CNF_DIR="/etc/ssl"
# sed -i 's|SHLIB_EXT=.so.|SHLIB_EXT=-chacha.so.|' Makefile || die
# sed -i 's|SHLIB_EXT=$shared_extension|SHLIB_EXT=-chacha$shared_extension|' Configure || die
# sed -i 's|shared_extension = .so.|shared_extension = -chacha.so.|' TABLE || die
# Make sure we only ever touch Makefile.org and avoid patching a file
# that gets blown away anyways by the Configure script in src_configure
rm -f Makefile
if ! use vanilla ; then
epatch "${FILESDIR}"/openssl-1.0.0a-ldflags.patch #327421
# epatch "${FILESDIR}"/openssl-1.0.2i-parallel-build.patch
epatch "${FILESDIR}"/openssl-1.0.2a-parallel-obj-headers.patch
epatch "${FILESDIR}"/openssl-1.0.2a-parallel-install-dirs.patch
epatch "${FILESDIR}"/openssl-1.0.2a-parallel-symlinking.patch #545028
# epatch "${FILESDIR}"/openssl-1.0.2-ipv6.patch
epatch "${FILESDIR}"/openssl-1.0.2a-x32-asm.patch #542618
epatch "${FILESDIR}"/openssl-1.0.1p-default-source.patch #554338
epatch_user #332661
fi
# disable fips in the build
# make sure the man pages are suffixed #302165
# don't bother building man pages if they're disabled
sed -i \
-e '/DIRS/s: fips : :g' \
-e '/^MANSUFFIX/s:=.*:=ssl:' \
-e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
-e $(has noman FEATURES \
&& echo '/^install:/s:install_docs::' \
|| echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \
Makefile.org \
|| die
# show the actual commands in the log
sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
#blshkv test
# update the enginedir path.
# punt broken config we don't care about as it fails sanity check.
sed -i \
-e '/^"debug-ben-debug-64"/d' \
-e "/foo.*engines/s|/lib/engines|/$(get_libdir)/engines|" \
Configure || die
# since we're forcing $(CC) as makedep anyway, just fix
# the conditional as always-on
# helps clang (#417795), and versioned gcc (#499818)
sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die
# quiet out unknown driver argument warnings since openssl
# doesn't have well-split CFLAGS and we're making it even worse
# and 'make depend' uses -Werror for added fun (#417795 again)
[[ ${CC} == *clang* ]] && append-flags -Qunused-arguments
# allow openssl to be cross-compiled
cp "${FILESDIR}"/gentoo.config-1.0.2 gentoo.config || die
chmod a+rx gentoo.config
append-flags -fno-strict-aliasing
append-flags $(test-flags-CC -Wa,--noexecstack)
append-cppflags -DOPENSSL_NO_BUF_FREELISTS
sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906
# The config script does stupid stuff to prompt the user. Kill it.
sed -i '/stty -icanon min 0 time 50; read waste/d' config || die
./config --test-sanity || die "I AM NOT SANE"
multilib_copy_sources
}
multilib_src_configure() {
unset APPS #197996
unset SCRIPTS #312551
unset CROSS_COMPILE #311473
tc-export CC AR RANLIB RC
# Clean out patent-or-otherwise-encumbered code
# Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher)
# IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
# EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
# MDC2: Expired http://en.wikipedia.org/wiki/MDC-2
# RC5: Expired http://en.wikipedia.org/wiki/RC5
use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
echoit() { echo "$@" ; "$@" ; }
local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
# See if our toolchain supports __uint128_t. If so, it's 64bit
# friendly and can use the nicely optimized code paths. #460790
local ec_nistp_64_gcc_128
# Disable it for now though #469976
#if ! use bindist ; then
# echo "__uint128_t i;" > "${T}"/128.c
# if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
# ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
# fi
#fi
# https://github.com/openssl/openssl/issues/2286
if use ia64 ; then
replace-flags -g3 -g2
replace-flags -ggdb3 -ggdb2
fi
local sslout=$(./gentoo.config)
einfo "Use configuration ${sslout:-(openssl knows best)}"
local config="Configure"
[[ -z ${sslout} ]] && config="config"
einfo "Current config: ${config}"
echoit \
./${config} \
${sslout} \
$(use cpu_flags_x86_sse2 || echo "no-sse2") \
enable-camellia \
$(use_ssl !bindist ec) \
${ec_nistp_64_gcc_128} \
enable-idea \
enable-mdc2 \
enable-rc5 \
enable-md2 \
enable-tlsext \
enable-gost \
enable-cast \
enable-ripemd \
$(use_ssl asm) \
$(use_ssl gmp gmp -lgmp) \
$(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
$(use_ssl rfc3779) \
$(use_ssl sctp) \
$(use_ssl sslv2 ssl2) \
$(use_ssl sslv3 ssl3) \
$(use_ssl tls-heartbeat heartbeats) \
$(use_ssl zlib) \
no-zlib-dynamic \
--prefix="${EPREFIX}"/usr \
--openssldir="${EPREFIX}"${SSL_CNF_DIR} \
--libdir=$(get_libdir) \
shared threads \
|| die
# Clean out hardcoded flags that openssl uses
local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \
-e 's:^CFLAG=::' \
-e 's:-fomit-frame-pointer ::g' \
-e 's:-O[0-9] ::g' \
-e 's:-march=[-a-z0-9]* ::g' \
-e 's:-mcpu=[-a-z0-9]* ::g' \
-e 's:-m[a-z0-9]* ::g' \
)
sed -i \
-e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \
-e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \
Makefile || die
}
multilib_src_compile() {
# depend is needed to use $confopts; it also doesn't matter
# that it's -j1 as the code itself serializes subdirs
emake -j1 depend
emake -j1 build_libs
}
multilib_src_test() {
emake -j1 test
}
multilib_src_install() {
dolib.so lib{crypto,ssl}.so.1.0.2
if use static-libs ; then
newlib.a libcrypto.a libcrypto.a.1.0.2
newlib.a libssl.a libssl.a.1.0.2
fi
}