fix https://github.com/pentoo/pentoo-overlay/issues/1544

Two changes in the -r1: 1. || die added to all three invoke calls — failures were silently ignored before, leaving an invalid libcrypto.a that only blew up at link time with the cryptic "file format not recognized" error. 2. Strip -Werror=implicit-function-declaration and -Werror=implicit-int from CFLAGS/CXXFLAGS before invoking — invoke inherits the full portage environment, so the tinderbox's strict clang flags were being passed into the OpenSSL 1.0.2e build.
2026-05-08 12:30:44 +02:00 · 2026-05-06 07:57:03 +08:00 · 2026-05-06 07:57:03 +08:00 · e507665810
commit e507665810
parent 303180ea10
1 changed files with 65 additions and 0 deletions
--- a/dev-python/nassl/nassl-5.4.0-r1.ebuild
+++ b/dev-python/nassl/nassl-5.4.0-r1.ebuild
@ -0,0 +1,65 @@
+# Copyright 2025 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+DISTUTILS_EXT=1
+DISTUTILS_USE_PEP517=setuptools
+PYTHON_COMPAT=( python3_{12..14} )
+
+inherit distutils-r1 multiprocessing
+
+# openssl system can be used optionally
+# something to investigate in https://github.com/nabla-c0d3/sslyze/issues/101
+# see tags in "build_tasks.py" file
+MY_OPENSSL_MODERN="OpenSSL_1_1_1w"
+MY_OPENSSL_LEGACY="OpenSSL_1_0_2e"
+MY_ZLIB="zlib-1.2.13"
+
+DESCRIPTION="Experimental OpenSSL wrapper for Python 3.7+ and SSLyze"
+HOMEPAGE="https://github.com/nabla-c0d3/nassl"
+SRC_URI="https://github.com/nabla-c0d3/nassl/archive/${PV}.tar.gz -> ${P}.tar.gz
+	https://github.com/openssl/openssl/archive/${MY_OPENSSL_LEGACY}.tar.gz -> openssl-${MY_OPENSSL_LEGACY}.tar.gz
+	https://github.com/openssl/openssl/archive/${MY_OPENSSL_MODERN}.tar.gz -> openssl-${MY_OPENSSL_MODERN}.tar.gz
+	https://zlib.net/${MY_ZLIB}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="amd64 ~arm64 x86"
+
+#BDEPEND="app-arch/unzip"
+DEPEND="${RDEPEND}
+	>=dev-python/invoke-2.0.0[${PYTHON_USEDEP}]
+	dev-python/setuptools[${PYTHON_USEDEP}]"
+
+src_prepare() {
+	rm -r tests
+
+	mkdir deps
+	ln -s "${WORKDIR}/openssl-${MY_OPENSSL_LEGACY}" "${S}/deps"
+	ln -s "${WORKDIR}/openssl-${MY_OPENSSL_MODERN}" "${S}/deps"
+	ln -s "${WORKDIR}/${MY_ZLIB}" "${S}/deps"
+
+	sed -i "s|ctx.run(\"make\")|ctx.run\(\"make -j$(makeopts_jobs)\"\)|g" build_tasks.py
+	eapply_user
+}
+
+src_compile() {
+	# FIXME: get rid of invoke and compile it using Gentoo env
+	# https://github.com/nabla-c0d3/nassl/issues/42
+	# invoke inherits the full environment; strip -Werror flags that break
+	# the bundled OpenSSL 1.0.2e build with strict compilers (bug #1544)
+	local -x CFLAGS="${CFLAGS//-Werror=implicit-function-declaration/}"
+	local -x CFLAGS="${CFLAGS//-Werror=implicit-int/}"
+	local -x CXXFLAGS="${CXXFLAGS//-Werror=implicit-function-declaration/}"
+	local -x CXXFLAGS="${CXXFLAGS//-Werror=implicit-int/}"
+	${EPYTHON} /usr/bin/invoke build.zlib --do-not-clean || die
+	${EPYTHON} /usr/bin/invoke build.legacy-openssl --do-not-clean || die
+	${EPYTHON} /usr/bin/invoke build.modern-openssl --do-not-clean || die
+	distutils-r1_src_compile
+}
+
+python_compile() {
+	MAKEOPTS="${MAKEOPTS} -j1"
+	distutils-r1_python_compile build_ext
+}