openssl-1.0.1g added
This commit is contained in:
parent
24378b1f76
commit
d16a262174
|
@ -0,0 +1,164 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
# Copyright 1999-2014 Gentoo Foundation
|
||||||
|
# Distributed under the terms of the GNU General Public License v2
|
||||||
|
# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/files/gentoo.config-1.0.1,v 1.2 2014/01/17 04:27:03 vapier Exp $
|
||||||
|
#
|
||||||
|
# Openssl doesn't play along nicely with cross-compiling
|
||||||
|
# like autotools based projects, so let's teach it new tricks.
|
||||||
|
#
|
||||||
|
# Review the bundled 'config' script to see why kind of targets
|
||||||
|
# we can pass to the 'Configure' script.
|
||||||
|
|
||||||
|
|
||||||
|
# Testing routines
|
||||||
|
if [[ $1 == "test" ]] ; then
|
||||||
|
for c in \
|
||||||
|
"arm-gentoo-linux-uclibc |linux-generic32 -DL_ENDIAN" \
|
||||||
|
"armv5b-linux-gnu |linux-armv4 -DB_ENDIAN" \
|
||||||
|
"x86_64-pc-linux-gnu |linux-x86_64" \
|
||||||
|
"alpha-linux-gnu |linux-alpha-gcc" \
|
||||||
|
"alphaev56-unknown-linux-gnu |linux-alpha+bwx-gcc" \
|
||||||
|
"i686-pc-linux-gnu |linux-elf" \
|
||||||
|
"whatever-gentoo-freebsdX.Y |BSD-generic32" \
|
||||||
|
"i686-gentoo-freebsdX.Y |BSD-x86-elf" \
|
||||||
|
"sparc64-alpha-freebsdX.Y |BSD-sparc64" \
|
||||||
|
"ia64-gentoo-freebsd5.99234 |BSD-ia64" \
|
||||||
|
"x86_64-gentoo-freebsdX.Y |BSD-x86_64" \
|
||||||
|
"hppa64-aldsF-linux-gnu5.3 |linux-generic32 -DB_ENDIAN" \
|
||||||
|
"powerpc-gentOO-linux-uclibc |linux-ppc" \
|
||||||
|
"powerpc64-unk-linux-gnu |linux-ppc64" \
|
||||||
|
"x86_64-apple-darwinX |darwin64-x86_64-cc" \
|
||||||
|
"powerpc64-apple-darwinX |darwin64-ppc-cc" \
|
||||||
|
"i686-apple-darwinX |darwin-i386-cc" \
|
||||||
|
"i386-apple-darwinX |darwin-i386-cc" \
|
||||||
|
"powerpc-apple-darwinX |darwin-ppc-cc" \
|
||||||
|
"i586-pc-winnt |winnt-parity" \
|
||||||
|
"s390-ibm-linux-gnu |linux-generic32 -DB_ENDIAN" \
|
||||||
|
"s390x-linux-gnu |linux64-s390x" \
|
||||||
|
;do
|
||||||
|
CHOST=${c/|*}
|
||||||
|
ret_want=${c/*|}
|
||||||
|
ret_got=$(CHOST=${CHOST} "$0")
|
||||||
|
|
||||||
|
if [[ ${ret_want} == "${ret_got}" ]] ; then
|
||||||
|
echo "PASS: ${CHOST}"
|
||||||
|
else
|
||||||
|
echo "FAIL: ${CHOST}"
|
||||||
|
echo -e "\twanted: ${ret_want}"
|
||||||
|
echo -e "\twe got: ${ret_got}"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
[[ -z ${CHOST} && -n $1 ]] && CHOST=$1
|
||||||
|
|
||||||
|
|
||||||
|
# Detect the operating system
|
||||||
|
case ${CHOST} in
|
||||||
|
*-aix*) system="aix";;
|
||||||
|
*-darwin*) system="darwin";;
|
||||||
|
*-freebsd*) system="BSD";;
|
||||||
|
*-hpux*) system="hpux";;
|
||||||
|
*-linux*) system="linux";;
|
||||||
|
*-solaris*) system="solaris";;
|
||||||
|
*-winnt*) system="winnt";;
|
||||||
|
x86_64-*-mingw*) system="mingw64";;
|
||||||
|
*mingw*) system="mingw";;
|
||||||
|
*) exit 0;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
|
||||||
|
# Compiler munging
|
||||||
|
compiler="gcc"
|
||||||
|
if [[ ${CC} == "ccc" ]] ; then
|
||||||
|
compiler=${CC}
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
# Detect target arch
|
||||||
|
machine=""
|
||||||
|
chost_machine=${CHOST%%-*}
|
||||||
|
case ${system} in
|
||||||
|
linux)
|
||||||
|
case ${chost_machine}:${ABI} in
|
||||||
|
aarch64*be) machine="generic64 -DB_ENDIAN";;
|
||||||
|
aarch64*) machine="generic64 -DL_ENDIAN";;
|
||||||
|
alphaev56*|\
|
||||||
|
alphaev[678]*)machine=alpha+bwx-${compiler};;
|
||||||
|
alpha*) machine=alpha-${compiler};;
|
||||||
|
armv[4-9]*b*) machine="armv4 -DB_ENDIAN";;
|
||||||
|
armv[4-9]*) machine="armv4 -DL_ENDIAN";;
|
||||||
|
arm*b*) machine="generic32 -DB_ENDIAN";;
|
||||||
|
arm*) machine="generic32 -DL_ENDIAN";;
|
||||||
|
avr*) machine="generic32 -DL_ENDIAN";;
|
||||||
|
bfin*) machine="generic32 -DL_ENDIAN";;
|
||||||
|
# hppa64*) machine=parisc64;;
|
||||||
|
hppa*) machine="generic32 -DB_ENDIAN";;
|
||||||
|
i[0-9]86*|\
|
||||||
|
x86_64*:x86) machine=elf;;
|
||||||
|
ia64*) machine=ia64;;
|
||||||
|
m68*) machine="generic32 -DB_ENDIAN";;
|
||||||
|
mips*el*) machine="generic32 -DL_ENDIAN";;
|
||||||
|
mips*) machine="generic32 -DB_ENDIAN";;
|
||||||
|
powerpc64*le) machine="generic64 -DL_ENDIAN";;
|
||||||
|
powerpc64*) machine=ppc64;;
|
||||||
|
powerpc*le) machine="generic32 -DL_ENDIAN";;
|
||||||
|
powerpc*) machine=ppc;;
|
||||||
|
# sh64*) machine=elf;;
|
||||||
|
sh*b*) machine="generic32 -DB_ENDIAN";;
|
||||||
|
sh*) machine="generic32 -DL_ENDIAN";;
|
||||||
|
sparc*v7*) machine="generic32 -DB_ENDIAN";;
|
||||||
|
sparc64*) machine=sparcv9;;
|
||||||
|
sparc*) machine=sparcv8;;
|
||||||
|
s390x*) machine=s390x system=linux64;;
|
||||||
|
s390*) machine="generic32 -DB_ENDIAN";;
|
||||||
|
x86_64*:x32) machine=x32;;
|
||||||
|
x86_64*) machine=x86_64;;
|
||||||
|
esac
|
||||||
|
;;
|
||||||
|
BSD)
|
||||||
|
case ${chost_machine} in
|
||||||
|
alpha*) machine=generic64;;
|
||||||
|
i[6-9]86*) machine=x86-elf;;
|
||||||
|
ia64*) machine=ia64;;
|
||||||
|
sparc64*) machine=sparc64;;
|
||||||
|
x86_64*) machine=x86_64;;
|
||||||
|
*) machine=generic32;;
|
||||||
|
esac
|
||||||
|
;;
|
||||||
|
aix)
|
||||||
|
machine=${compiler}
|
||||||
|
;;
|
||||||
|
darwin)
|
||||||
|
case ${chost_machine} in
|
||||||
|
powerpc64) machine=ppc-cc; system=${system}64;;
|
||||||
|
powerpc) machine=ppc-cc;;
|
||||||
|
i?86*) machine=i386-cc;;
|
||||||
|
x86_64) machine=x86_64-cc; system=${system}64;;
|
||||||
|
esac
|
||||||
|
;;
|
||||||
|
hpux)
|
||||||
|
case ${chost_machine} in
|
||||||
|
ia64) machine=ia64-${compiler} ;;
|
||||||
|
esac
|
||||||
|
;;
|
||||||
|
solaris)
|
||||||
|
case ${chost_machine} in
|
||||||
|
i386) machine=x86-${compiler} ;;
|
||||||
|
x86_64*) machine=x86_64-${compiler}; system=${system}64;;
|
||||||
|
sparcv9*) machine=sparcv9-${compiler}; system=${system}64;;
|
||||||
|
sparc*) machine=sparcv8-${compiler};;
|
||||||
|
esac
|
||||||
|
;;
|
||||||
|
winnt)
|
||||||
|
machine=parity
|
||||||
|
;;
|
||||||
|
mingw*)
|
||||||
|
# special case ... no xxx-yyy style name
|
||||||
|
echo ${system}
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
|
||||||
|
# If we have something, show it
|
||||||
|
[[ -n ${machine} ]] && echo ${system}-${machine}
|
|
@ -0,0 +1,23 @@
|
||||||
|
http://bugs.gentoo.org/327421
|
||||||
|
|
||||||
|
--- Makefile.org
|
||||||
|
+++ Makefile.org
|
||||||
|
@@ -189,6 +189,7 @@
|
||||||
|
MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD $(MAKEDEPPROG)' \
|
||||||
|
DEPFLAG='-DOPENSSL_NO_DEPRECATED $(DEPFLAG)' \
|
||||||
|
MAKEDEPPROG='$(MAKEDEPPROG)' \
|
||||||
|
+ LDFLAGS='${LDFLAGS}' \
|
||||||
|
SHARED_LDFLAGS='$(SHARED_LDFLAGS)' \
|
||||||
|
KRB5_INCLUDES='$(KRB5_INCLUDES)' LIBKRB5='$(LIBKRB5)' \
|
||||||
|
ZLIB_INCLUDE='$(ZLIB_INCLUDE)' LIBZLIB='$(LIBZLIB)' \
|
||||||
|
--- Makefile.shared
|
||||||
|
+++ Makefile.shared
|
||||||
|
@@ -153,7 +153,7 @@
|
||||||
|
NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
|
||||||
|
SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
|
||||||
|
|
||||||
|
-DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"
|
||||||
|
+DO_GNU_APP=LDFLAGS="$(LDFLAGS) $(CFLAGS)"
|
||||||
|
|
||||||
|
#This is rather special. It's a special target with which one can link
|
||||||
|
#applications without bothering with any features that have anything to
|
|
@ -0,0 +1,76 @@
|
||||||
|
URL: http://rt.openssl.org/Ticket/Display.html?id=2558
|
||||||
|
Subject: make windres controllable via build env var settings
|
||||||
|
|
||||||
|
atm, the windres code in openssl is only usable via the cross-compile prefix
|
||||||
|
option unlike all the other build tools. so add support for the standard $RC
|
||||||
|
/ $WINDRES env vars as well.
|
||||||
|
|
||||||
|
Index: Configure
|
||||||
|
===================================================================
|
||||||
|
RCS file: /usr/local/src/openssl/CVSROOT/openssl/Configure,v
|
||||||
|
retrieving revision 1.621.2.40
|
||||||
|
diff -u -p -r1.621.2.40 Configure
|
||||||
|
--- Configure 30 Nov 2010 22:19:26 -0000 1.621.2.40
|
||||||
|
+++ Configure 4 Jul 2011 23:12:32 -0000
|
||||||
|
@@ -1094,6 +1094,7 @@ my $shared_extension = $fields[$idx_shar
|
||||||
|
my $ranlib = $ENV{'RANLIB'} || $fields[$idx_ranlib];
|
||||||
|
my $ar = $ENV{'AR'} || "ar";
|
||||||
|
my $arflags = $fields[$idx_arflags];
|
||||||
|
+my $windres = $ENV{'RC'} || $ENV{'WINDRES'} || "windres";
|
||||||
|
my $multilib = $fields[$idx_multilib];
|
||||||
|
|
||||||
|
# if $prefix/lib$multilib is not an existing directory, then
|
||||||
|
@@ -1511,12 +1512,14 @@ while (<IN>)
|
||||||
|
s/^AR=\s*/AR= \$\(CROSS_COMPILE\)/;
|
||||||
|
s/^NM=\s*/NM= \$\(CROSS_COMPILE\)/;
|
||||||
|
s/^RANLIB=\s*/RANLIB= \$\(CROSS_COMPILE\)/;
|
||||||
|
+ s/^WINDRES=\s*/WINDRES= \$\(CROSS_COMPILE\)/;
|
||||||
|
s/^MAKEDEPPROG=.*$/MAKEDEPPROG= \$\(CROSS_COMPILE\)$cc/ if $cc eq "gcc";
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
s/^CC=.*$/CC= $cc/;
|
||||||
|
s/^AR=\s*ar/AR= $ar/;
|
||||||
|
s/^RANLIB=.*/RANLIB= $ranlib/;
|
||||||
|
+ s/^WINDRES=.*/WINDRES= $windres/;
|
||||||
|
s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $cc eq "gcc";
|
||||||
|
}
|
||||||
|
s/^CFLAG=.*$/CFLAG= $cflags/;
|
||||||
|
Index: Makefile.org
|
||||||
|
===================================================================
|
||||||
|
RCS file: /usr/local/src/openssl/CVSROOT/openssl/Makefile.org,v
|
||||||
|
retrieving revision 1.295.2.10
|
||||||
|
diff -u -p -r1.295.2.10 Makefile.org
|
||||||
|
--- Makefile.org 27 Jan 2010 16:06:58 -0000 1.295.2.10
|
||||||
|
+++ Makefile.org 4 Jul 2011 23:13:08 -0000
|
||||||
|
@@ -66,6 +66,7 @@ EXE_EXT=
|
||||||
|
ARFLAGS=
|
||||||
|
AR=ar $(ARFLAGS) r
|
||||||
|
RANLIB= ranlib
|
||||||
|
+WINDRES= windres
|
||||||
|
NM= nm
|
||||||
|
PERL= perl
|
||||||
|
TAR= tar
|
||||||
|
@@ -180,6 +181,7 @@ BUILDENV= PLATFORM='$(PLATFORM)' PROCESS
|
||||||
|
CC='$(CC)' CFLAG='$(CFLAG)' \
|
||||||
|
AS='$(CC)' ASFLAG='$(CFLAG) -c' \
|
||||||
|
AR='$(AR)' NM='$(NM)' RANLIB='$(RANLIB)' \
|
||||||
|
+ WINDRES='$(WINDRES)' \
|
||||||
|
CROSS_COMPILE='$(CROSS_COMPILE)' \
|
||||||
|
PERL='$(PERL)' ENGDIRS='$(ENGDIRS)' \
|
||||||
|
SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/$(LIBDIR)' \
|
||||||
|
Index: Makefile.shared
|
||||||
|
===================================================================
|
||||||
|
RCS file: /usr/local/src/openssl/CVSROOT/openssl/Makefile.shared,v
|
||||||
|
retrieving revision 1.72.2.4
|
||||||
|
diff -u -p -r1.72.2.4 Makefile.shared
|
||||||
|
--- Makefile.shared 21 Aug 2010 11:36:49 -0000 1.72.2.4
|
||||||
|
+++ Makefile.shared 4 Jul 2011 23:13:52 -0000
|
||||||
|
@@ -293,7 +293,7 @@ link_a.cygwin:
|
||||||
|
fi; \
|
||||||
|
dll_name=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX; \
|
||||||
|
$(PERL) util/mkrc.pl $$dll_name | \
|
||||||
|
- $(CROSS_COMPILE)windres -o rc.o; \
|
||||||
|
+ $(WINDRES) -o rc.o; \
|
||||||
|
extras="$$extras rc.o"; \
|
||||||
|
ALLSYMSFLAGS='-Wl,--whole-archive'; \
|
||||||
|
NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
|
|
@ -0,0 +1,32 @@
|
||||||
|
depend on other pc files rather than encoding library info directly in
|
||||||
|
every pkg-config file
|
||||||
|
|
||||||
|
--- a/Makefile.org
|
||||||
|
+++ b/Makefile.org
|
||||||
|
@@ -335,11 +335,11 @@ libssl.pc: Makefile
|
||||||
|
echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
|
||||||
|
echo 'includedir=$${prefix}/include'; \
|
||||||
|
echo ''; \
|
||||||
|
- echo 'Name: OpenSSL'; \
|
||||||
|
+ echo 'Name: OpenSSL-libssl'; \
|
||||||
|
echo 'Description: Secure Sockets Layer and cryptography libraries'; \
|
||||||
|
echo 'Version: '$(VERSION); \
|
||||||
|
- echo 'Requires: '; \
|
||||||
|
- echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
|
||||||
|
+ echo 'Requires.private: libcrypto'; \
|
||||||
|
+ echo 'Libs: -L$${libdir} -lssl'; \
|
||||||
|
echo 'Libs.private: $(EX_LIBS)'; \
|
||||||
|
echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
|
||||||
|
|
||||||
|
@@ -352,10 +353,7 @@ openssl.pc: Makefile
|
||||||
|
echo 'Name: OpenSSL'; \
|
||||||
|
echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
|
||||||
|
echo 'Version: '$(VERSION); \
|
||||||
|
- echo 'Requires: '; \
|
||||||
|
- echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
|
||||||
|
- echo 'Libs.private: $(EX_LIBS)'; \
|
||||||
|
- echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
|
||||||
|
+ echo 'Requires: libssl libcrypto' ) > openssl.pc
|
||||||
|
|
||||||
|
Makefile: Makefile.org Configure config
|
||||||
|
@echo "Makefile is older than Makefile.org, Configure or config."
|
|
@ -0,0 +1,354 @@
|
||||||
|
http://rt.openssl.org/Ticket/Display.html?id=2084
|
||||||
|
|
||||||
|
--- a/Makefile.org
|
||||||
|
+++ b/Makefile.org
|
||||||
|
@@ -247,17 +247,17 @@
|
||||||
|
build_libs: build_crypto build_ssl build_engines
|
||||||
|
|
||||||
|
build_crypto:
|
||||||
|
- @dir=crypto; target=all; $(BUILD_ONE_CMD)
|
||||||
|
+ +@dir=crypto; target=all; $(BUILD_ONE_CMD)
|
||||||
|
-build_ssl:
|
||||||
|
+build_ssl: build_crypto
|
||||||
|
- @dir=ssl; target=all; $(BUILD_ONE_CMD)
|
||||||
|
+ +@dir=ssl; target=all; $(BUILD_ONE_CMD)
|
||||||
|
-build_engines:
|
||||||
|
+build_engines: build_crypto
|
||||||
|
- @dir=engines; target=all; $(BUILD_ONE_CMD)
|
||||||
|
+ +@dir=engines; target=all; $(BUILD_ONE_CMD)
|
||||||
|
-build_apps:
|
||||||
|
+build_apps: build_libs
|
||||||
|
- @dir=apps; target=all; $(BUILD_ONE_CMD)
|
||||||
|
+ +@dir=apps; target=all; $(BUILD_ONE_CMD)
|
||||||
|
-build_tests:
|
||||||
|
+build_tests: build_libs
|
||||||
|
- @dir=test; target=all; $(BUILD_ONE_CMD)
|
||||||
|
+ +@dir=test; target=all; $(BUILD_ONE_CMD)
|
||||||
|
-build_tools:
|
||||||
|
+build_tools: build_libs
|
||||||
|
- @dir=tools; target=all; $(BUILD_ONE_CMD)
|
||||||
|
+ +@dir=tools; target=all; $(BUILD_ONE_CMD)
|
||||||
|
|
||||||
|
all_testapps: build_libs build_testapps
|
||||||
|
build_testapps:
|
||||||
|
@@ -497,9 +497,9 @@
|
||||||
|
dist_pem_h:
|
||||||
|
(cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
|
||||||
|
|
||||||
|
-install: all install_docs install_sw
|
||||||
|
+install: install_docs install_sw
|
||||||
|
|
||||||
|
-install_sw:
|
||||||
|
+install_dirs:
|
||||||
|
@$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
|
||||||
|
$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \
|
||||||
|
$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \
|
||||||
|
@@ -508,6 +508,13 @@
|
||||||
|
$(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
|
||||||
|
$(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
|
||||||
|
$(INSTALL_PREFIX)$(OPENSSLDIR)/private
|
||||||
|
+ @$(PERL) $(TOP)/util/mkdir-p.pl \
|
||||||
|
+ $(INSTALL_PREFIX)$(MANDIR)/man1 \
|
||||||
|
+ $(INSTALL_PREFIX)$(MANDIR)/man3 \
|
||||||
|
+ $(INSTALL_PREFIX)$(MANDIR)/man5 \
|
||||||
|
+ $(INSTALL_PREFIX)$(MANDIR)/man7
|
||||||
|
+
|
||||||
|
+install_sw: install_dirs
|
||||||
|
@set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\
|
||||||
|
do \
|
||||||
|
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
|
||||||
|
@@ -511,7 +511,7 @@
|
||||||
|
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
|
||||||
|
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
|
||||||
|
done;
|
||||||
|
- @set -e; target=install; $(RECURSIVE_BUILD_CMD)
|
||||||
|
+ +@set -e; target=install; $(RECURSIVE_BUILD_CMD)
|
||||||
|
@set -e; liblist="$(LIBS)"; for i in $$liblist ;\
|
||||||
|
do \
|
||||||
|
if [ -f "$$i" ]; then \
|
||||||
|
@@ -593,12 +600,7 @@
|
||||||
|
done; \
|
||||||
|
done
|
||||||
|
|
||||||
|
-install_docs:
|
||||||
|
- @$(PERL) $(TOP)/util/mkdir-p.pl \
|
||||||
|
- $(INSTALL_PREFIX)$(MANDIR)/man1 \
|
||||||
|
- $(INSTALL_PREFIX)$(MANDIR)/man3 \
|
||||||
|
- $(INSTALL_PREFIX)$(MANDIR)/man5 \
|
||||||
|
- $(INSTALL_PREFIX)$(MANDIR)/man7
|
||||||
|
+install_docs: install_dirs
|
||||||
|
@pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \
|
||||||
|
here="`pwd`"; \
|
||||||
|
filecase=; \
|
||||||
|
--- a/Makefile.shared
|
||||||
|
+++ b/Makefile.shared
|
||||||
|
@@ -105,6 +105,7 @@ LINK_SO= \
|
||||||
|
SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \
|
||||||
|
LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \
|
||||||
|
LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \
|
||||||
|
+ [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \
|
||||||
|
LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \
|
||||||
|
$${SHAREDCMD} $${SHAREDFLAGS} \
|
||||||
|
-o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \
|
||||||
|
@@ -122,6 +124,7 @@ SYMLINK_SO= \
|
||||||
|
done; \
|
||||||
|
fi; \
|
||||||
|
if [ -n "$$SHLIB_SOVER" ]; then \
|
||||||
|
+ [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \
|
||||||
|
( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \
|
||||||
|
ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \
|
||||||
|
fi; \
|
||||||
|
--- a/crypto/Makefile
|
||||||
|
+++ b/crypto/Makefile
|
||||||
|
@@ -85,11 +85,11 @@
|
||||||
|
@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
|
||||||
|
|
||||||
|
subdirs:
|
||||||
|
- @target=all; $(RECURSIVE_MAKE)
|
||||||
|
+ +@target=all; $(RECURSIVE_MAKE)
|
||||||
|
|
||||||
|
files:
|
||||||
|
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
|
||||||
|
- @target=files; $(RECURSIVE_MAKE)
|
||||||
|
+ +@target=files; $(RECURSIVE_MAKE)
|
||||||
|
|
||||||
|
links:
|
||||||
|
@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
|
||||||
|
@@ -100,7 +100,7 @@
|
||||||
|
# lib: $(LIB): are splitted to avoid end-less loop
|
||||||
|
lib: $(LIB)
|
||||||
|
@touch lib
|
||||||
|
-$(LIB): $(LIBOBJ)
|
||||||
|
+$(LIB): $(LIBOBJ) | subdirs
|
||||||
|
$(AR) $(LIB) $(LIBOBJ)
|
||||||
|
$(RANLIB) $(LIB) || echo Never mind.
|
||||||
|
|
||||||
|
@@ -110,7 +110,7 @@
|
||||||
|
fi
|
||||||
|
|
||||||
|
libs:
|
||||||
|
- @target=lib; $(RECURSIVE_MAKE)
|
||||||
|
+ +@target=lib; $(RECURSIVE_MAKE)
|
||||||
|
|
||||||
|
install:
|
||||||
|
@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
|
||||||
|
@@ -119,7 +119,7 @@
|
||||||
|
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
|
||||||
|
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
|
||||||
|
done;
|
||||||
|
- @target=install; $(RECURSIVE_MAKE)
|
||||||
|
+ +@target=install; $(RECURSIVE_MAKE)
|
||||||
|
|
||||||
|
lint:
|
||||||
|
@target=lint; $(RECURSIVE_MAKE)
|
||||||
|
--- a/engines/Makefile
|
||||||
|
+++ b/engines/Makefile
|
||||||
|
@@ -72,7 +72,7 @@
|
||||||
|
|
||||||
|
all: lib subdirs
|
||||||
|
|
||||||
|
-lib: $(LIBOBJ)
|
||||||
|
+lib: $(LIBOBJ) | subdirs
|
||||||
|
@if [ -n "$(SHARED_LIBS)" ]; then \
|
||||||
|
set -e; \
|
||||||
|
for l in $(LIBNAMES); do \
|
||||||
|
@@ -89,7 +89,7 @@
|
||||||
|
|
||||||
|
subdirs:
|
||||||
|
echo $(EDIRS)
|
||||||
|
- @target=all; $(RECURSIVE_MAKE)
|
||||||
|
+ +@target=all; $(RECURSIVE_MAKE)
|
||||||
|
|
||||||
|
files:
|
||||||
|
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
|
||||||
|
@@ -128,7 +128,7 @@
|
||||||
|
mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \
|
||||||
|
done; \
|
||||||
|
fi
|
||||||
|
- @target=install; $(RECURSIVE_MAKE)
|
||||||
|
+ +@target=install; $(RECURSIVE_MAKE)
|
||||||
|
|
||||||
|
tags:
|
||||||
|
ctags $(SRC)
|
||||||
|
--- a/test/Makefile
|
||||||
|
+++ b/test/Makefile
|
||||||
|
@@ -123,7 +123,7 @@
|
||||||
|
tags:
|
||||||
|
ctags $(SRC)
|
||||||
|
|
||||||
|
-tests: exe apps $(TESTS)
|
||||||
|
+tests: exe $(TESTS)
|
||||||
|
|
||||||
|
apps:
|
||||||
|
@(cd ..; $(MAKE) DIRS=apps all)
|
||||||
|
@@ -365,109 +365,109 @@
|
||||||
|
link_app.$${shlib_target}
|
||||||
|
|
||||||
|
$(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(RSATEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(RSATEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(BNTEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(BNTEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(ECTEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(ECTEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(EXPTEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(EXPTEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(IDEATEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(IDEATEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(MD2TEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(MD2TEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(SHATEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(SHATEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(SHA1TEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(SHA1TEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(SHA256TEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(SHA256TEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(SHA512TEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(SHA512TEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(RMDTEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(RMDTEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(MDC2TEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(MDC2TEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(MD4TEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(MD4TEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(MD5TEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(MD5TEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(HMACTEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(HMACTEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(WPTEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(WPTEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(RC2TEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(RC2TEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(BFTEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(BFTEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(CASTTEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(CASTTEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(RC4TEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(RC4TEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(RC5TEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(RC5TEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(DESTEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(DESTEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(RANDTEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(RANDTEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(DHTEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(DHTEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(DSATEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(DSATEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(METHTEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(METHTEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
|
||||||
|
- @target=$(SSLTEST); $(FIPS_BUILD_CMD)
|
||||||
|
+ +@target=$(SSLTEST); $(FIPS_BUILD_CMD)
|
||||||
|
|
||||||
|
$(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(ENGINETEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(ENGINETEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(EVPTEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(EVPTEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(ECDSATEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(ECDSATEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(ECDHTEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(ECDHTEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(IGETEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(IGETEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(JPAKETEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(JPAKETEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(ASN1TEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(ASN1TEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
$(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO)
|
||||||
|
- @target=$(SRPTEST); $(BUILD_CMD)
|
||||||
|
+ +@target=$(SRPTEST); $(BUILD_CMD)
|
||||||
|
|
||||||
|
#$(AESTEST).o: $(AESTEST).c
|
||||||
|
# $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c
|
||||||
|
@@ -480,7 +480,7 @@
|
||||||
|
# fi
|
||||||
|
|
||||||
|
dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO)
|
||||||
|
- @target=dummytest; $(BUILD_CMD)
|
||||||
|
+ +@target=dummytest; $(BUILD_CMD)
|
||||||
|
|
||||||
|
# DO NOT DELETE THIS LINE -- make depend depends on it.
|
||||||
|
|
||||||
|
--- a/crypto/objects/Makefile
|
||||||
|
+++ b/crypto/objects/Makefile
|
||||||
|
@@ -44,11 +44,11 @@ obj_dat.h: obj_dat.pl obj_mac.h
|
||||||
|
# objects.pl both reads and writes obj_mac.num
|
||||||
|
obj_mac.h: objects.pl objects.txt obj_mac.num
|
||||||
|
$(PERL) objects.pl objects.txt obj_mac.num obj_mac.h
|
||||||
|
- @sleep 1; touch obj_mac.h; sleep 1
|
||||||
|
|
||||||
|
-obj_xref.h: objxref.pl obj_xref.txt obj_mac.num
|
||||||
|
+# This doesn't really need obj_mac.h, but since that rule reads & writes
|
||||||
|
+# obj_mac.num, we can't run in parallel with it.
|
||||||
|
+obj_xref.h: objxref.pl obj_xref.txt obj_mac.num obj_mac.h
|
||||||
|
$(PERL) objxref.pl obj_mac.num obj_xref.txt > obj_xref.h
|
||||||
|
- @sleep 1; touch obj_xref.h; sleep 1
|
||||||
|
|
||||||
|
files:
|
||||||
|
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
|
|
@ -0,0 +1,79 @@
|
||||||
|
http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?id=51bfed2e26fc13a66e8b5710aa2ce1d7a04af721
|
||||||
|
|
||||||
|
UpstreamStatus: Pending
|
||||||
|
|
||||||
|
Received from H J Liu @ Intel
|
||||||
|
Make the assembly syntax compatible with x32 gcc. Othewise x32 gcc throws errors.
|
||||||
|
Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com> 2011/07/13
|
||||||
|
|
||||||
|
ported the patch to the 1.0.0e version
|
||||||
|
Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com> 2011/12/01
|
||||||
|
Index: openssl-1.0.0e/Configure
|
||||||
|
===================================================================
|
||||||
|
--- openssl-1.0.0e.orig/Configure
|
||||||
|
+++ openssl-1.0.0e/Configure
|
||||||
|
@@ -393,6 +393,7 @@ my %table=(
|
||||||
|
"debug-linux-generic32","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||||
|
"debug-linux-generic64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||||
|
"debug-linux-x86_64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -DTERMIO -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
|
||||||
|
+"linux-x32", "gcc:-DL_ENDIAN -DTERMIO -O2 -pipe -g -feliminate-unused-debug-types -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||||
|
"dist", "cc:-O::(unknown)::::::",
|
||||||
|
|
||||||
|
# Basic configs that should work on any (32 and less bit) box
|
||||||
|
Index: openssl-1.0.0e/crypto/bn/asm/x86_64-gcc.c
|
||||||
|
===================================================================
|
||||||
|
--- openssl-1.0.0e.orig/crypto/bn/asm/x86_64-gcc.c
|
||||||
|
+++ openssl-1.0.0e/crypto/bn/asm/x86_64-gcc.c
|
||||||
|
@@ -55,7 +55,7 @@
|
||||||
|
* machine.
|
||||||
|
*/
|
||||||
|
|
||||||
|
-#ifdef _WIN64
|
||||||
|
+#if defined _WIN64 || !defined __LP64__
|
||||||
|
#define BN_ULONG unsigned long long
|
||||||
|
#else
|
||||||
|
#define BN_ULONG unsigned long
|
||||||
|
@@ -192,9 +192,9 @@ BN_ULONG bn_add_words (BN_ULONG *rp, con
|
||||||
|
asm (
|
||||||
|
" subq %2,%2 \n"
|
||||||
|
".p2align 4 \n"
|
||||||
|
- "1: movq (%4,%2,8),%0 \n"
|
||||||
|
- " adcq (%5,%2,8),%0 \n"
|
||||||
|
- " movq %0,(%3,%2,8) \n"
|
||||||
|
+ "1: movq (%q4,%2,8),%0 \n"
|
||||||
|
+ " adcq (%q5,%2,8),%0 \n"
|
||||||
|
+ " movq %0,(%q3,%2,8) \n"
|
||||||
|
" leaq 1(%2),%2 \n"
|
||||||
|
" loop 1b \n"
|
||||||
|
" sbbq %0,%0 \n"
|
||||||
|
@@ -215,9 +215,9 @@ BN_ULONG bn_sub_words (BN_ULONG *rp, con
|
||||||
|
asm (
|
||||||
|
" subq %2,%2 \n"
|
||||||
|
".p2align 4 \n"
|
||||||
|
- "1: movq (%4,%2,8),%0 \n"
|
||||||
|
- " sbbq (%5,%2,8),%0 \n"
|
||||||
|
- " movq %0,(%3,%2,8) \n"
|
||||||
|
+ "1: movq (%q4,%2,8),%0 \n"
|
||||||
|
+ " sbbq (%q5,%2,8),%0 \n"
|
||||||
|
+ " movq %0,(%q3,%2,8) \n"
|
||||||
|
" leaq 1(%2),%2 \n"
|
||||||
|
" loop 1b \n"
|
||||||
|
" sbbq %0,%0 \n"
|
||||||
|
Index: openssl-1.0.0e/crypto/bn/bn.h
|
||||||
|
===================================================================
|
||||||
|
--- openssl-1.0.0e.orig/crypto/bn/bn.h
|
||||||
|
+++ openssl-1.0.0e/crypto/bn/bn.h
|
||||||
|
@@ -172,6 +172,13 @@ extern "C" {
|
||||||
|
# endif
|
||||||
|
#endif
|
||||||
|
|
||||||
|
+/* Address type. */
|
||||||
|
+#ifdef _WIN64
|
||||||
|
+#define BN_ADDR unsigned long long
|
||||||
|
+#else
|
||||||
|
+#define BN_ADDR unsigned long
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
/* assuming long is 64bit - this is the DEC Alpha
|
||||||
|
* unsigned long long is only 64 bits :-(, don't define
|
||||||
|
* BN_LLONG for the DEC Alpha */
|
|
@ -0,0 +1,656 @@
|
||||||
|
http://rt.openssl.org/Ticket/Display.html?id=2051
|
||||||
|
user/pass: guest/guest
|
||||||
|
|
||||||
|
Index: apps/s_apps.h
|
||||||
|
===================================================================
|
||||||
|
RCS file: /v/openssl/cvs/openssl/apps/s_apps.h,v
|
||||||
|
retrieving revision 1.21.2.1
|
||||||
|
diff -u -r1.21.2.1 s_apps.h
|
||||||
|
--- apps/s_apps.h 4 Sep 2009 17:42:04 -0000 1.21.2.1
|
||||||
|
+++ apps/s_apps.h 28 Dec 2011 00:28:14 -0000
|
||||||
|
@@ -148,7 +148,7 @@
|
||||||
|
#define PORT_STR "4433"
|
||||||
|
#define PROTOCOL "tcp"
|
||||||
|
|
||||||
|
-int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context);
|
||||||
|
+int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context, int use_ipv4, int use_ipv6);
|
||||||
|
#ifdef HEADER_X509_H
|
||||||
|
int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
|
||||||
|
#endif
|
||||||
|
@@ -156,7 +156,7 @@
|
||||||
|
int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file);
|
||||||
|
int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key);
|
||||||
|
#endif
|
||||||
|
-int init_client(int *sock, char *server, int port, int type);
|
||||||
|
+int init_client(int *sock, char *server, int port, int type, int use_ipv4, int use_ipv6);
|
||||||
|
int should_retry(int i);
|
||||||
|
int extract_port(char *str, short *port_ptr);
|
||||||
|
int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p);
|
||||||
|
Index: apps/s_client.c
|
||||||
|
===================================================================
|
||||||
|
RCS file: /v/openssl/cvs/openssl/apps/s_client.c,v
|
||||||
|
retrieving revision 1.123.2.6.2.10
|
||||||
|
diff -u -r1.123.2.6.2.10 s_client.c
|
||||||
|
--- apps/s_client.c 14 Dec 2011 22:18:02 -0000 1.123.2.6.2.10
|
||||||
|
+++ apps/s_client.c 28 Dec 2011 00:28:14 -0000
|
||||||
|
@@ -285,6 +285,10 @@
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"usage: s_client args\n");
|
||||||
|
BIO_printf(bio_err,"\n");
|
||||||
|
+ BIO_printf(bio_err," -4 - use IPv4 only\n");
|
||||||
|
+#if OPENSSL_USE_IPV6
|
||||||
|
+ BIO_printf(bio_err," -6 - use IPv6 only\n");
|
||||||
|
+#endif
|
||||||
|
BIO_printf(bio_err," -host host - use -connect instead\n");
|
||||||
|
BIO_printf(bio_err," -port port - use -connect instead\n");
|
||||||
|
BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR);
|
||||||
|
@@ -564,6 +567,7 @@
|
||||||
|
int sbuf_len,sbuf_off;
|
||||||
|
fd_set readfds,writefds;
|
||||||
|
short port=PORT;
|
||||||
|
+ int use_ipv4, use_ipv6;
|
||||||
|
int full_log=1;
|
||||||
|
char *host=SSL_HOST_NAME;
|
||||||
|
char *cert_file=NULL,*key_file=NULL;
|
||||||
|
@@ -609,7 +613,11 @@
|
||||||
|
#endif
|
||||||
|
char *sess_in = NULL;
|
||||||
|
char *sess_out = NULL;
|
||||||
|
- struct sockaddr peer;
|
||||||
|
+#if OPENSSL_USE_IPV6
|
||||||
|
+ struct sockaddr_storage peer;
|
||||||
|
+#else
|
||||||
|
+ struct sockaddr_in peer;
|
||||||
|
+#endif
|
||||||
|
int peerlen = sizeof(peer);
|
||||||
|
int enable_timeouts = 0 ;
|
||||||
|
long socket_mtu = 0;
|
||||||
|
@@ -630,6 +638,12 @@
|
||||||
|
meth=SSLv2_client_method();
|
||||||
|
#endif
|
||||||
|
|
||||||
|
+ use_ipv4 = 1;
|
||||||
|
+#if OPENSSL_USE_IPV6
|
||||||
|
+ use_ipv6 = 1;
|
||||||
|
+#else
|
||||||
|
+ use_ipv6 = 0;
|
||||||
|
+#endif
|
||||||
|
apps_startup();
|
||||||
|
c_Pause=0;
|
||||||
|
c_quiet=0;
|
||||||
|
@@ -951,6 +961,18 @@
|
||||||
|
jpake_secret = *++argv;
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
+ else if (strcmp(*argv,"-4") == 0)
|
||||||
|
+ {
|
||||||
|
+ use_ipv4 = 1;
|
||||||
|
+ use_ipv6 = 0;
|
||||||
|
+ }
|
||||||
|
+#if OPENSSL_USE_IPV6
|
||||||
|
+ else if (strcmp(*argv,"-6") == 0)
|
||||||
|
+ {
|
||||||
|
+ use_ipv4 = 0;
|
||||||
|
+ use_ipv6 = 1;
|
||||||
|
+ }
|
||||||
|
+#endif
|
||||||
|
#ifndef OPENSSL_NO_SRTP
|
||||||
|
else if (strcmp(*argv,"-use_srtp") == 0)
|
||||||
|
{
|
||||||
|
@@ -1259,7 +1276,7 @@
|
||||||
|
|
||||||
|
re_start:
|
||||||
|
|
||||||
|
- if (init_client(&s,host,port,socket_type) == 0)
|
||||||
|
+ if (init_client(&s,host,port,socket_type,use_ipv4,use_ipv6) == 0)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error());
|
||||||
|
SHUTDOWN(s);
|
||||||
|
@@ -1285,7 +1302,7 @@
|
||||||
|
{
|
||||||
|
|
||||||
|
sbio=BIO_new_dgram(s,BIO_NOCLOSE);
|
||||||
|
- if (getsockname(s, &peer, (void *)&peerlen) < 0)
|
||||||
|
+ if (getsockname(s, (struct sockaddr *)&peer, (void *)&peerlen) < 0)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err, "getsockname:errno=%d\n",
|
||||||
|
get_last_socket_error());
|
||||||
|
===================================================================
|
||||||
|
RCS file: /v/openssl/cvs/openssl/apps/s_server.c,v
|
||||||
|
retrieving revision 1.136.2.15.2.13
|
||||||
|
diff -u -r1.136.2.15.2.13 s_server.c
|
||||||
|
--- apps/s_server.c 27 Dec 2011 14:23:22 -0000 1.136.2.15.2.13
|
||||||
|
+++ apps/s_server.c 28 Dec 2011 00:28:14 -0000
|
||||||
|
@@ -558,6 +558,10 @@
|
||||||
|
# endif
|
||||||
|
BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list");
|
||||||
|
#endif
|
||||||
|
+ BIO_printf(bio_err," -4 - use IPv4 only\n");
|
||||||
|
+#if OPENSSL_USE_IPV6
|
||||||
|
+ BIO_printf(bio_err," -6 - use IPv6 only\n");
|
||||||
|
+#endif
|
||||||
|
BIO_printf(bio_err," -keymatexport label - Export keying material using label\n");
|
||||||
|
BIO_printf(bio_err," -keymatexportlen len - Export len bytes of keying material (default 20)\n");
|
||||||
|
}
|
||||||
|
@@ -943,6 +947,7 @@
|
||||||
|
int state=0;
|
||||||
|
const SSL_METHOD *meth=NULL;
|
||||||
|
int socket_type=SOCK_STREAM;
|
||||||
|
+ int use_ipv4, use_ipv6;
|
||||||
|
ENGINE *e=NULL;
|
||||||
|
char *inrand=NULL;
|
||||||
|
int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM;
|
||||||
|
@@ -981,6 +986,12 @@
|
||||||
|
/* #error no SSL version enabled */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
+ use_ipv4 = 1;
|
||||||
|
+#if OPENSSL_USE_IPV6
|
||||||
|
+ use_ipv6 = 1;
|
||||||
|
+#else
|
||||||
|
+ use_ipv6 = 0;
|
||||||
|
+#endif
|
||||||
|
local_argc=argc;
|
||||||
|
local_argv=argv;
|
||||||
|
|
||||||
|
@@ -1329,6 +1340,18 @@
|
||||||
|
jpake_secret = *(++argv);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
+ else if (strcmp(*argv,"-4") == 0)
|
||||||
|
+ {
|
||||||
|
+ use_ipv4 = 1;
|
||||||
|
+ use_ipv6 = 0;
|
||||||
|
+ }
|
||||||
|
+#if OPENSSL_USE_IPV6
|
||||||
|
+ else if (strcmp(*argv,"-6") == 0)
|
||||||
|
+ {
|
||||||
|
+ use_ipv4 = 0;
|
||||||
|
+ use_ipv6 = 1;
|
||||||
|
+ }
|
||||||
|
+#endif
|
||||||
|
#ifndef OPENSSL_NO_SRTP
|
||||||
|
else if (strcmp(*argv,"-use_srtp") == 0)
|
||||||
|
{
|
||||||
|
@@ -1884,9 +1907,9 @@
|
||||||
|
BIO_printf(bio_s_out,"ACCEPT\n");
|
||||||
|
(void)BIO_flush(bio_s_out);
|
||||||
|
if (www)
|
||||||
|
- do_server(port,socket_type,&accept_socket,www_body, context);
|
||||||
|
+ do_server(port,socket_type,&accept_socket,www_body, context, use_ipv4, use_ipv6);
|
||||||
|
else
|
||||||
|
- do_server(port,socket_type,&accept_socket,sv_body, context);
|
||||||
|
+ do_server(port,socket_type,&accept_socket,sv_body, context, use_ipv4, use_ipv6);
|
||||||
|
print_stats(bio_s_out,ctx);
|
||||||
|
ret=0;
|
||||||
|
end:
|
||||||
|
Index: apps/s_socket.c
|
||||||
|
===================================================================
|
||||||
|
RCS file: /v/openssl/cvs/openssl/apps/s_socket.c,v
|
||||||
|
retrieving revision 1.43.2.3.2.2
|
||||||
|
diff -u -r1.43.2.3.2.2 s_socket.c
|
||||||
|
--- apps/s_socket.c 2 Dec 2011 14:39:40 -0000 1.43.2.3.2.2
|
||||||
|
+++ apps/s_socket.c 28 Dec 2011 00:28:14 -0000
|
||||||
|
@@ -97,16 +97,16 @@
|
||||||
|
#include "netdb.h"
|
||||||
|
#endif
|
||||||
|
|
||||||
|
-static struct hostent *GetHostByName(char *name);
|
||||||
|
+static struct hostent *GetHostByName(char *name, int domain);
|
||||||
|
#if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
|
||||||
|
static void ssl_sock_cleanup(void);
|
||||||
|
#endif
|
||||||
|
static int ssl_sock_init(void);
|
||||||
|
-static int init_client_ip(int *sock,unsigned char ip[4], int port, int type);
|
||||||
|
-static int init_server(int *sock, int port, int type);
|
||||||
|
-static int init_server_long(int *sock, int port,char *ip, int type);
|
||||||
|
+static int init_client_ip(int *sock,unsigned char *ip, int port, int type, int domain);
|
||||||
|
+static int init_server(int *sock, int port, int type, int use_ipv4, int use_ipv6);
|
||||||
|
+static int init_server_long(int *sock, int port,char *ip, int type, int use_ipv4, int use_ipv6);
|
||||||
|
static int do_accept(int acc_sock, int *sock, char **host);
|
||||||
|
-static int host_ip(char *str, unsigned char ip[4]);
|
||||||
|
+static int host_ip(char *str, unsigned char *ip, int domain);
|
||||||
|
|
||||||
|
#ifdef OPENSSL_SYS_WIN16
|
||||||
|
#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
|
||||||
|
@@ -234,38 +234,68 @@
|
||||||
|
return(1);
|
||||||
|
}
|
||||||
|
|
||||||
|
-int init_client(int *sock, char *host, int port, int type)
|
||||||
|
+int init_client(int *sock, char *host, int port, int type, int use_ipv4, int use_ipv6)
|
||||||
|
{
|
||||||
|
+#if OPENSSL_USE_IPV6
|
||||||
|
+ unsigned char ip[16];
|
||||||
|
+#else
|
||||||
|
unsigned char ip[4];
|
||||||
|
+#endif
|
||||||
|
|
||||||
|
- memset(ip, '\0', sizeof ip);
|
||||||
|
- if (!host_ip(host,&(ip[0])))
|
||||||
|
- return 0;
|
||||||
|
- return init_client_ip(sock,ip,port,type);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
-static int init_client_ip(int *sock, unsigned char ip[4], int port, int type)
|
||||||
|
- {
|
||||||
|
- unsigned long addr;
|
||||||
|
+ if (use_ipv4)
|
||||||
|
+ if (host_ip(host,ip,AF_INET))
|
||||||
|
+ return(init_client_ip(sock,ip,port,type,AF_INET));
|
||||||
|
+#if OPENSSL_USE_IPV6
|
||||||
|
+ if (use_ipv6)
|
||||||
|
+ if (host_ip(host,ip,AF_INET6))
|
||||||
|
+ return(init_client_ip(sock,ip,port,type,AF_INET6));
|
||||||
|
+#endif
|
||||||
|
+ return 0;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+static int init_client_ip(int *sock, unsigned char ip[4], int port, int type, int domain)
|
||||||
|
+ {
|
||||||
|
+#if OPENSSL_USE_IPV6
|
||||||
|
+ struct sockaddr_storage them;
|
||||||
|
+ struct sockaddr_in *them_in = (struct sockaddr_in *)&them;
|
||||||
|
+ struct sockaddr_in6 *them_in6 = (struct sockaddr_in6 *)&them;
|
||||||
|
+#else
|
||||||
|
struct sockaddr_in them;
|
||||||
|
+ struct sockaddr_in *them_in = &them;
|
||||||
|
+#endif
|
||||||
|
+ socklen_t addr_len;
|
||||||
|
int s,i;
|
||||||
|
|
||||||
|
if (!ssl_sock_init()) return(0);
|
||||||
|
|
||||||
|
memset((char *)&them,0,sizeof(them));
|
||||||
|
- them.sin_family=AF_INET;
|
||||||
|
- them.sin_port=htons((unsigned short)port);
|
||||||
|
- addr=(unsigned long)
|
||||||
|
- ((unsigned long)ip[0]<<24L)|
|
||||||
|
- ((unsigned long)ip[1]<<16L)|
|
||||||
|
- ((unsigned long)ip[2]<< 8L)|
|
||||||
|
- ((unsigned long)ip[3]);
|
||||||
|
- them.sin_addr.s_addr=htonl(addr);
|
||||||
|
+ if (domain == AF_INET)
|
||||||
|
+ {
|
||||||
|
+ addr_len = (socklen_t)sizeof(struct sockaddr_in);
|
||||||
|
+ them_in->sin_family=AF_INET;
|
||||||
|
+ them_in->sin_port=htons((unsigned short)port);
|
||||||
|
+#ifndef BIT_FIELD_LIMITS
|
||||||
|
+ memcpy(&them_in->sin_addr.s_addr, ip, 4);
|
||||||
|
+#else
|
||||||
|
+ memcpy(&them_in->sin_addr, ip, 4);
|
||||||
|
+#endif
|
||||||
|
+ }
|
||||||
|
+ else
|
||||||
|
+#if OPENSSL_USE_IPV6
|
||||||
|
+ {
|
||||||
|
+ addr_len = (socklen_t)sizeof(struct sockaddr_in6);
|
||||||
|
+ them_in6->sin6_family=AF_INET6;
|
||||||
|
+ them_in6->sin6_port=htons((unsigned short)port);
|
||||||
|
+ memcpy(&(them_in6->sin6_addr), ip, sizeof(struct in6_addr));
|
||||||
|
+ }
|
||||||
|
+#else
|
||||||
|
+ return(0);
|
||||||
|
+#endif
|
||||||
|
|
||||||
|
if (type == SOCK_STREAM)
|
||||||
|
- s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
|
||||||
|
+ s=socket(domain,SOCK_STREAM,SOCKET_PROTOCOL);
|
||||||
|
else /* ( type == SOCK_DGRAM) */
|
||||||
|
- s=socket(AF_INET,SOCK_DGRAM,IPPROTO_UDP);
|
||||||
|
+ s=socket(domain,SOCK_DGRAM,IPPROTO_UDP);
|
||||||
|
|
||||||
|
if (s == INVALID_SOCKET) { perror("socket"); return(0); }
|
||||||
|
|
||||||
|
@@ -277,29 +315,27 @@
|
||||||
|
if (i < 0) { perror("keepalive"); return(0); }
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
-
|
||||||
|
- if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1)
|
||||||
|
+ if (connect(s,(struct sockaddr *)&them,addr_len) == -1)
|
||||||
|
{ closesocket(s); perror("connect"); return(0); }
|
||||||
|
*sock=s;
|
||||||
|
return(1);
|
||||||
|
}
|
||||||
|
|
||||||
|
-int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context)
|
||||||
|
+int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context, int use_ipv4, int use_ipv6)
|
||||||
|
{
|
||||||
|
int sock;
|
||||||
|
char *name = NULL;
|
||||||
|
int accept_socket = 0;
|
||||||
|
int i;
|
||||||
|
|
||||||
|
- if (!init_server(&accept_socket,port,type)) return(0);
|
||||||
|
-
|
||||||
|
+ if (!init_server(&accept_socket,port,type, use_ipv4, use_ipv6)) return(0);
|
||||||
|
if (ret != NULL)
|
||||||
|
{
|
||||||
|
*ret=accept_socket;
|
||||||
|
/* return(1);*/
|
||||||
|
}
|
||||||
|
- for (;;)
|
||||||
|
- {
|
||||||
|
+ for (;;)
|
||||||
|
+ {
|
||||||
|
if (type==SOCK_STREAM)
|
||||||
|
{
|
||||||
|
if (do_accept(accept_socket,&sock,&name) == 0)
|
||||||
|
@@ -322,41 +358,88 @@
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
-static int init_server_long(int *sock, int port, char *ip, int type)
|
||||||
|
+static int init_server_long(int *sock, int port, char *ip, int type, int use_ipv4, int use_ipv6)
|
||||||
|
{
|
||||||
|
int ret=0;
|
||||||
|
+ int domain;
|
||||||
|
+#if OPENSSL_USE_IPV6
|
||||||
|
+ struct sockaddr_storage server;
|
||||||
|
+ struct sockaddr_in *server_in = (struct sockaddr_in *)&server;
|
||||||
|
+ struct sockaddr_in6 *server_in6 = (struct sockaddr_in6 *)&server;
|
||||||
|
+#else
|
||||||
|
struct sockaddr_in server;
|
||||||
|
+ struct sockaddr_in *server_in = &server;
|
||||||
|
+#endif
|
||||||
|
+ socklen_t addr_len;
|
||||||
|
int s= -1;
|
||||||
|
|
||||||
|
+ if (!use_ipv4 && !use_ipv6)
|
||||||
|
+ goto err;
|
||||||
|
+#if OPENSSL_USE_IPV6
|
||||||
|
+ /* we are fine here */
|
||||||
|
+#else
|
||||||
|
+ if (use_ipv6)
|
||||||
|
+ goto err;
|
||||||
|
+#endif
|
||||||
|
if (!ssl_sock_init()) return(0);
|
||||||
|
|
||||||
|
- memset((char *)&server,0,sizeof(server));
|
||||||
|
- server.sin_family=AF_INET;
|
||||||
|
- server.sin_port=htons((unsigned short)port);
|
||||||
|
- if (ip == NULL)
|
||||||
|
- server.sin_addr.s_addr=INADDR_ANY;
|
||||||
|
- else
|
||||||
|
-/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */
|
||||||
|
-#ifndef BIT_FIELD_LIMITS
|
||||||
|
- memcpy(&server.sin_addr.s_addr,ip,4);
|
||||||
|
+#if OPENSSL_USE_IPV6
|
||||||
|
+ domain = use_ipv6 ? AF_INET6 : AF_INET;
|
||||||
|
#else
|
||||||
|
- memcpy(&server.sin_addr,ip,4);
|
||||||
|
+ domain = AF_INET;
|
||||||
|
#endif
|
||||||
|
-
|
||||||
|
- if (type == SOCK_STREAM)
|
||||||
|
- s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
|
||||||
|
- else /* type == SOCK_DGRAM */
|
||||||
|
- s=socket(AF_INET, SOCK_DGRAM,IPPROTO_UDP);
|
||||||
|
+ if (type == SOCK_STREAM)
|
||||||
|
+ s=socket(domain,SOCK_STREAM,SOCKET_PROTOCOL);
|
||||||
|
+ else /* type == SOCK_DGRAM */
|
||||||
|
+ s=socket(domain, SOCK_DGRAM,IPPROTO_UDP);
|
||||||
|
|
||||||
|
if (s == INVALID_SOCKET) goto err;
|
||||||
|
#if defined SOL_SOCKET && defined SO_REUSEADDR
|
||||||
|
+ {
|
||||||
|
+ int j = 1;
|
||||||
|
+ setsockopt(s, SOL_SOCKET, SO_REUSEADDR,
|
||||||
|
+ (void *) &j, sizeof j);
|
||||||
|
+ }
|
||||||
|
+#endif
|
||||||
|
+#if OPENSSL_USE_IPV6
|
||||||
|
+ if ((use_ipv4 == 0) && (use_ipv6 == 1))
|
||||||
|
{
|
||||||
|
- int j = 1;
|
||||||
|
- setsockopt(s, SOL_SOCKET, SO_REUSEADDR,
|
||||||
|
- (void *) &j, sizeof j);
|
||||||
|
+ const int on = 1;
|
||||||
|
+
|
||||||
|
+ setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY,
|
||||||
|
+ (const void *) &on, sizeof(int));
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
- if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1)
|
||||||
|
+ if (domain == AF_INET)
|
||||||
|
+ {
|
||||||
|
+ addr_len = (socklen_t)sizeof(struct sockaddr_in);
|
||||||
|
+ memset(server_in, 0, sizeof(struct sockaddr_in));
|
||||||
|
+ server_in->sin_family=AF_INET;
|
||||||
|
+ server_in->sin_port = htons((unsigned short)port);
|
||||||
|
+ if (ip == NULL)
|
||||||
|
+ server_in->sin_addr.s_addr = htonl(INADDR_ANY);
|
||||||
|
+ else
|
||||||
|
+/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */
|
||||||
|
+#ifndef BIT_FIELD_LIMITS
|
||||||
|
+ memcpy(&server_in->sin_addr.s_addr, ip, 4);
|
||||||
|
+#else
|
||||||
|
+ memcpy(&server_in->sin_addr, ip, 4);
|
||||||
|
+#endif
|
||||||
|
+ }
|
||||||
|
+#if OPENSSL_USE_IPV6
|
||||||
|
+ else
|
||||||
|
+ {
|
||||||
|
+ addr_len = (socklen_t)sizeof(struct sockaddr_in6);
|
||||||
|
+ memset(server_in6, 0, sizeof(struct sockaddr_in6));
|
||||||
|
+ server_in6->sin6_family = AF_INET6;
|
||||||
|
+ server_in6->sin6_port = htons((unsigned short)port);
|
||||||
|
+ if (ip == NULL)
|
||||||
|
+ server_in6->sin6_addr = in6addr_any;
|
||||||
|
+ else
|
||||||
|
+ memcpy(&server_in6->sin6_addr, ip, sizeof(struct in6_addr));
|
||||||
|
+ }
|
||||||
|
+#endif
|
||||||
|
+ if (bind(s, (struct sockaddr *)&server, addr_len) == -1)
|
||||||
|
{
|
||||||
|
#ifndef OPENSSL_SYS_WINDOWS
|
||||||
|
perror("bind");
|
||||||
|
@@ -375,16 +458,23 @@
|
||||||
|
return(ret);
|
||||||
|
}
|
||||||
|
|
||||||
|
-static int init_server(int *sock, int port, int type)
|
||||||
|
+static int init_server(int *sock, int port, int type, int use_ipv4, int use_ipv6)
|
||||||
|
{
|
||||||
|
- return(init_server_long(sock, port, NULL, type));
|
||||||
|
+ return(init_server_long(sock, port, NULL, type, use_ipv4, use_ipv6));
|
||||||
|
}
|
||||||
|
|
||||||
|
static int do_accept(int acc_sock, int *sock, char **host)
|
||||||
|
{
|
||||||
|
int ret;
|
||||||
|
struct hostent *h1,*h2;
|
||||||
|
- static struct sockaddr_in from;
|
||||||
|
+#if OPENSSL_USE_IPV6
|
||||||
|
+ struct sockaddr_storage from;
|
||||||
|
+ struct sockaddr_in *from_in = (struct sockaddr_in *)&from;
|
||||||
|
+ struct sockaddr_in6 *from_in6 = (struct sockaddr_in6 *)&from;
|
||||||
|
+#else
|
||||||
|
+ struct sockaddr_in from;
|
||||||
|
+ struct sockaddr_in *from_in = &from;
|
||||||
|
+#endif
|
||||||
|
int len;
|
||||||
|
/* struct linger ling; */
|
||||||
|
|
||||||
|
@@ -431,13 +521,23 @@
|
||||||
|
*/
|
||||||
|
|
||||||
|
if (host == NULL) goto end;
|
||||||
|
+#if OPENSSL_USE_IPV6
|
||||||
|
+ if (from.ss_family == AF_INET)
|
||||||
|
+#else
|
||||||
|
+ if (from.sin_family == AF_INET)
|
||||||
|
+#endif
|
||||||
|
#ifndef BIT_FIELD_LIMITS
|
||||||
|
- /* I should use WSAAsyncGetHostByName() under windows */
|
||||||
|
- h1=gethostbyaddr((char *)&from.sin_addr.s_addr,
|
||||||
|
- sizeof(from.sin_addr.s_addr),AF_INET);
|
||||||
|
+ /* I should use WSAAsyncGetHostByName() under windows */
|
||||||
|
+ h1=gethostbyaddr((char *)&from_in->sin_addr.s_addr,
|
||||||
|
+ sizeof(from_in->sin_addr.s_addr), AF_INET);
|
||||||
|
#else
|
||||||
|
- h1=gethostbyaddr((char *)&from.sin_addr,
|
||||||
|
- sizeof(struct in_addr),AF_INET);
|
||||||
|
+ h1=gethostbyaddr((char *)&from_in->sin_addr,
|
||||||
|
+ sizeof(struct in_addr), AF_INET);
|
||||||
|
+#endif
|
||||||
|
+#if OPENSSL_USE_IPV6
|
||||||
|
+ else
|
||||||
|
+ h1=gethostbyaddr((char *)&from_in6->sin6_addr,
|
||||||
|
+ sizeof(struct in6_addr), AF_INET6);
|
||||||
|
#endif
|
||||||
|
if (h1 == NULL)
|
||||||
|
{
|
||||||
|
@@ -454,15 +554,23 @@
|
||||||
|
}
|
||||||
|
BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1);
|
||||||
|
|
||||||
|
- h2=GetHostByName(*host);
|
||||||
|
+#if OPENSSL_USE_IPV6
|
||||||
|
+ h2=GetHostByName(*host, from.ss_family);
|
||||||
|
+#else
|
||||||
|
+ h2=GetHostByName(*host, from.sin_family);
|
||||||
|
+#endif
|
||||||
|
if (h2 == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"gethostbyname failure\n");
|
||||||
|
return(0);
|
||||||
|
}
|
||||||
|
- if (h2->h_addrtype != AF_INET)
|
||||||
|
+#if OPENSSL_USE_IPV6
|
||||||
|
+ if (h2->h_addrtype != from.ss_family)
|
||||||
|
+#else
|
||||||
|
+ if (h2->h_addrtype != from.sin_family)
|
||||||
|
+#endif
|
||||||
|
{
|
||||||
|
- BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
|
||||||
|
+ BIO_printf(bio_err,"gethostbyname addr address is not correct\n");
|
||||||
|
return(0);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
@@ -477,7 +585,7 @@
|
||||||
|
char *h,*p;
|
||||||
|
|
||||||
|
h=str;
|
||||||
|
- p=strchr(str,':');
|
||||||
|
+ p=strrchr(str,':');
|
||||||
|
if (p == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"no port defined\n");
|
||||||
|
@@ -485,7 +593,7 @@
|
||||||
|
}
|
||||||
|
*(p++)='\0';
|
||||||
|
|
||||||
|
- if ((ip != NULL) && !host_ip(str,ip))
|
||||||
|
+ if ((ip != NULL) && !host_ip(str,ip,AF_INET))
|
||||||
|
goto err;
|
||||||
|
if (host_ptr != NULL) *host_ptr=h;
|
||||||
|
|
||||||
|
@@ -496,48 +604,58 @@
|
||||||
|
return(0);
|
||||||
|
}
|
||||||
|
|
||||||
|
-static int host_ip(char *str, unsigned char ip[4])
|
||||||
|
+static int host_ip(char *str, unsigned char *ip, int domain)
|
||||||
|
{
|
||||||
|
- unsigned int in[4];
|
||||||
|
+ unsigned int in[4];
|
||||||
|
+ unsigned long l;
|
||||||
|
int i;
|
||||||
|
|
||||||
|
- if (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4)
|
||||||
|
+ if ((domain == AF_INET) &&
|
||||||
|
+ (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4))
|
||||||
|
{
|
||||||
|
+
|
||||||
|
for (i=0; i<4; i++)
|
||||||
|
if (in[i] > 255)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"invalid IP address\n");
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
- ip[0]=in[0];
|
||||||
|
- ip[1]=in[1];
|
||||||
|
- ip[2]=in[2];
|
||||||
|
- ip[3]=in[3];
|
||||||
|
- }
|
||||||
|
+ l=htonl((in[0]<<24L)|(in[1]<<16L)|(in[2]<<8L)|in[3]);
|
||||||
|
+ memcpy(ip, &l, 4);
|
||||||
|
+ return 1;
|
||||||
|
+ }
|
||||||
|
+#if OPENSSL_USE_IPV6
|
||||||
|
+ else if ((domain == AF_INET6) &&
|
||||||
|
+ (inet_pton(AF_INET6, str, ip) == 1))
|
||||||
|
+ return 1;
|
||||||
|
+#endif
|
||||||
|
else
|
||||||
|
{ /* do a gethostbyname */
|
||||||
|
struct hostent *he;
|
||||||
|
|
||||||
|
if (!ssl_sock_init()) return(0);
|
||||||
|
|
||||||
|
- he=GetHostByName(str);
|
||||||
|
+ he=GetHostByName(str,domain);
|
||||||
|
if (he == NULL)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"gethostbyname failure\n");
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
/* cast to short because of win16 winsock definition */
|
||||||
|
- if ((short)he->h_addrtype != AF_INET)
|
||||||
|
+ if ((short)he->h_addrtype != domain)
|
||||||
|
{
|
||||||
|
- BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
|
||||||
|
+ BIO_printf(bio_err,"gethostbyname addr family is not correct\n");
|
||||||
|
return(0);
|
||||||
|
}
|
||||||
|
- ip[0]=he->h_addr_list[0][0];
|
||||||
|
- ip[1]=he->h_addr_list[0][1];
|
||||||
|
- ip[2]=he->h_addr_list[0][2];
|
||||||
|
- ip[3]=he->h_addr_list[0][3];
|
||||||
|
+ if (domain == AF_INET)
|
||||||
|
+ memset(ip, 0, 4);
|
||||||
|
+#if OPENSSL_USE_IPV6
|
||||||
|
+ else
|
||||||
|
+ memset(ip, 0, 16);
|
||||||
|
+#endif
|
||||||
|
+ memcpy(ip, he->h_addr_list[0], he->h_length);
|
||||||
|
+ return 1;
|
||||||
|
}
|
||||||
|
- return(1);
|
||||||
|
err:
|
||||||
|
return(0);
|
||||||
|
}
|
||||||
|
@@ -574,7 +692,7 @@
|
||||||
|
static unsigned long ghbn_hits=0L;
|
||||||
|
static unsigned long ghbn_miss=0L;
|
||||||
|
|
||||||
|
-static struct hostent *GetHostByName(char *name)
|
||||||
|
+static struct hostent *GetHostByName(char *name, int domain)
|
||||||
|
{
|
||||||
|
struct hostent *ret;
|
||||||
|
int i,lowi=0;
|
||||||
|
@@ -589,14 +707,20 @@
|
||||||
|
}
|
||||||
|
if (ghbn_cache[i].order > 0)
|
||||||
|
{
|
||||||
|
- if (strncmp(name,ghbn_cache[i].name,128) == 0)
|
||||||
|
+ if ((strncmp(name,ghbn_cache[i].name,128) == 0) &&
|
||||||
|
+ (ghbn_cache[i].ent.h_addrtype == domain))
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (i == GHBN_NUM) /* no hit*/
|
||||||
|
{
|
||||||
|
ghbn_miss++;
|
||||||
|
- ret=gethostbyname(name);
|
||||||
|
+ if (domain == AF_INET)
|
||||||
|
+ ret=gethostbyname(name);
|
||||||
|
+#if OPENSSL_USE_IPV6
|
||||||
|
+ else
|
||||||
|
+ ret=gethostbyname2(name, AF_INET6);
|
||||||
|
+#endif
|
||||||
|
if (ret == NULL) return(NULL);
|
||||||
|
/* else add to cache */
|
||||||
|
if(strlen(name) < sizeof ghbn_cache[0].name)
|
|
@ -0,0 +1,18 @@
|
||||||
|
https://bugs.gentoo.org/472584
|
||||||
|
http://rt.openssl.org/Ticket/Display.html?id=2387&user=guest&pass=guest
|
||||||
|
|
||||||
|
fix verification handling in s_client. when loading paths, make sure
|
||||||
|
we properly fallback to setting the default paths.
|
||||||
|
|
||||||
|
--- a/apps/s_client.c
|
||||||
|
+++ b/apps/s_client.c
|
||||||
|
@@ -899,7 +899,7 @@
|
||||||
|
if (!set_cert_key_stuff(ctx,cert,key))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
- if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
|
||||||
|
+ if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) &&
|
||||||
|
(!SSL_CTX_set_default_verify_paths(ctx)))
|
||||||
|
{
|
||||||
|
/* BIO_printf(bio_err,"error setting default verify locations\n"); */
|
||||||
|
|
|
@ -0,0 +1,356 @@
|
||||||
|
Forward-ported from openssl-1.0.1e-perl-5.18.patch
|
||||||
|
Fixes install with perl-5.18.
|
||||||
|
|
||||||
|
https://bugs.gentoo.org/show_bug.cgi?id=497286
|
||||||
|
|
||||||
|
Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
|
||||||
|
|
||||||
|
--- openssl-1.0.1f/doc/apps/cms.pod
|
||||||
|
+++ openssl-1.0.1f/doc/apps/cms.pod
|
||||||
|
@@ -450,28 +450,28 @@
|
||||||
|
|
||||||
|
=over 4
|
||||||
|
|
||||||
|
-=item 0
|
||||||
|
+=item C<0>
|
||||||
|
|
||||||
|
the operation was completely successfully.
|
||||||
|
|
||||||
|
-=item 1
|
||||||
|
+=item C<1>
|
||||||
|
|
||||||
|
an error occurred parsing the command options.
|
||||||
|
|
||||||
|
-=item 2
|
||||||
|
+=item C<2>
|
||||||
|
|
||||||
|
one of the input files could not be read.
|
||||||
|
|
||||||
|
-=item 3
|
||||||
|
+=item C<3>
|
||||||
|
|
||||||
|
an error occurred creating the CMS file or when reading the MIME
|
||||||
|
message.
|
||||||
|
|
||||||
|
-=item 4
|
||||||
|
+=item C<4>
|
||||||
|
|
||||||
|
an error occurred decrypting or verifying the message.
|
||||||
|
|
||||||
|
-=item 5
|
||||||
|
+=item C<5>
|
||||||
|
|
||||||
|
the message was verified correctly but an error occurred writing out
|
||||||
|
the signers certificates.
|
||||||
|
--- openssl-1.0.1f/doc/apps/smime.pod
|
||||||
|
+++ openssl-1.0.1f/doc/apps/smime.pod
|
||||||
|
@@ -308,28 +308,28 @@
|
||||||
|
|
||||||
|
=over 4
|
||||||
|
|
||||||
|
-=item 0
|
||||||
|
+=item C<0>
|
||||||
|
|
||||||
|
the operation was completely successfully.
|
||||||
|
|
||||||
|
-=item 1
|
||||||
|
+=item C<1>
|
||||||
|
|
||||||
|
an error occurred parsing the command options.
|
||||||
|
|
||||||
|
-=item 2
|
||||||
|
+=item C<2>
|
||||||
|
|
||||||
|
one of the input files could not be read.
|
||||||
|
|
||||||
|
-=item 3
|
||||||
|
+=item C<3>
|
||||||
|
|
||||||
|
an error occurred creating the PKCS#7 file or when reading the MIME
|
||||||
|
message.
|
||||||
|
|
||||||
|
-=item 4
|
||||||
|
+=item C<4>
|
||||||
|
|
||||||
|
an error occurred decrypting or verifying the message.
|
||||||
|
|
||||||
|
-=item 5
|
||||||
|
+=item C<5>
|
||||||
|
|
||||||
|
the message was verified correctly but an error occurred writing out
|
||||||
|
the signers certificates.
|
||||||
|
--- openssl-1.0.1f/doc/ssl/SSL_accept.pod
|
||||||
|
+++ openssl-1.0.1f/doc/ssl/SSL_accept.pod
|
||||||
|
@@ -44,13 +44,13 @@
|
||||||
|
|
||||||
|
=over 4
|
||||||
|
|
||||||
|
-=item 0
|
||||||
|
+=item C<0>
|
||||||
|
|
||||||
|
The TLS/SSL handshake was not successful but was shut down controlled and
|
||||||
|
by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
|
||||||
|
return value B<ret> to find out the reason.
|
||||||
|
|
||||||
|
-=item 1
|
||||||
|
+=item C<1>
|
||||||
|
|
||||||
|
The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
|
||||||
|
established.
|
||||||
|
--- openssl-1.0.1f/doc/ssl/SSL_clear.pod
|
||||||
|
+++ openssl-1.0.1f/doc/ssl/SSL_clear.pod
|
||||||
|
@@ -56,12 +56,12 @@
|
||||||
|
|
||||||
|
=over 4
|
||||||
|
|
||||||
|
-=item 0
|
||||||
|
+=item C<0>
|
||||||
|
|
||||||
|
The SSL_clear() operation could not be performed. Check the error stack to
|
||||||
|
find out the reason.
|
||||||
|
|
||||||
|
-=item 1
|
||||||
|
+=item C<1>
|
||||||
|
|
||||||
|
The SSL_clear() operation was successful.
|
||||||
|
|
||||||
|
--- openssl-1.0.1f/doc/ssl/SSL_COMP_add_compression_method.pod
|
||||||
|
+++ openssl-1.0.1f/doc/ssl/SSL_COMP_add_compression_method.pod
|
||||||
|
@@ -53,11 +53,11 @@
|
||||||
|
|
||||||
|
=over 4
|
||||||
|
|
||||||
|
-=item 0
|
||||||
|
+=item C<0>
|
||||||
|
|
||||||
|
The operation succeeded.
|
||||||
|
|
||||||
|
-=item 1
|
||||||
|
+=item C<1>
|
||||||
|
|
||||||
|
The operation failed. Check the error queue to find out the reason.
|
||||||
|
|
||||||
|
--- openssl-1.0.1f/doc/ssl/SSL_connect.pod
|
||||||
|
+++ openssl-1.0.1f/doc/ssl/SSL_connect.pod
|
||||||
|
@@ -41,13 +41,13 @@
|
||||||
|
|
||||||
|
=over 4
|
||||||
|
|
||||||
|
-=item 0
|
||||||
|
+=item C<0>
|
||||||
|
|
||||||
|
The TLS/SSL handshake was not successful but was shut down controlled and
|
||||||
|
by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
|
||||||
|
return value B<ret> to find out the reason.
|
||||||
|
|
||||||
|
-=item 1
|
||||||
|
+=item C<1>
|
||||||
|
|
||||||
|
The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
|
||||||
|
established.
|
||||||
|
--- openssl-1.0.1f/doc/ssl/SSL_CTX_add_session.pod
|
||||||
|
+++ openssl-1.0.1f/doc/ssl/SSL_CTX_add_session.pod
|
||||||
|
@@ -52,13 +52,13 @@
|
||||||
|
|
||||||
|
=over 4
|
||||||
|
|
||||||
|
-=item 0
|
||||||
|
+=item C<0>
|
||||||
|
|
||||||
|
The operation failed. In case of the add operation, it was tried to add
|
||||||
|
the same (identical) session twice. In case of the remove operation, the
|
||||||
|
session was not found in the cache.
|
||||||
|
|
||||||
|
-=item 1
|
||||||
|
+=item C<1>
|
||||||
|
|
||||||
|
The operation succeeded.
|
||||||
|
|
||||||
|
--- openssl-1.0.1f/doc/ssl/SSL_CTX_load_verify_locations.pod
|
||||||
|
+++ openssl-1.0.1f/doc/ssl/SSL_CTX_load_verify_locations.pod
|
||||||
|
@@ -100,13 +100,13 @@
|
||||||
|
|
||||||
|
=over 4
|
||||||
|
|
||||||
|
-=item 0
|
||||||
|
+=item C<0>
|
||||||
|
|
||||||
|
The operation failed because B<CAfile> and B<CApath> are NULL or the
|
||||||
|
processing at one of the locations specified failed. Check the error
|
||||||
|
stack to find out the reason.
|
||||||
|
|
||||||
|
-=item 1
|
||||||
|
+=item C<1>
|
||||||
|
|
||||||
|
The operation succeeded.
|
||||||
|
|
||||||
|
--- openssl-1.0.1f/doc/ssl/SSL_CTX_set_client_CA_list.pod
|
||||||
|
+++ openssl-1.0.1f/doc/ssl/SSL_CTX_set_client_CA_list.pod
|
||||||
|
@@ -66,13 +66,13 @@
|
||||||
|
|
||||||
|
=over 4
|
||||||
|
|
||||||
|
-=item 0
|
||||||
|
+=item C<0>
|
||||||
|
|
||||||
|
A failure while manipulating the STACK_OF(X509_NAME) object occurred or
|
||||||
|
the X509_NAME could not be extracted from B<cacert>. Check the error stack
|
||||||
|
to find out the reason.
|
||||||
|
|
||||||
|
-=item 1
|
||||||
|
+=item C<1>
|
||||||
|
|
||||||
|
The operation succeeded.
|
||||||
|
|
||||||
|
--- openssl-1.0.1f/doc/ssl/SSL_CTX_set_session_id_context.pod
|
||||||
|
+++ openssl-1.0.1f/doc/ssl/SSL_CTX_set_session_id_context.pod
|
||||||
|
@@ -64,13 +64,13 @@
|
||||||
|
|
||||||
|
=over 4
|
||||||
|
|
||||||
|
-=item 0
|
||||||
|
+=item C<0>
|
||||||
|
|
||||||
|
The length B<sid_ctx_len> of the session id context B<sid_ctx> exceeded
|
||||||
|
the maximum allowed length of B<SSL_MAX_SSL_SESSION_ID_LENGTH>. The error
|
||||||
|
is logged to the error stack.
|
||||||
|
|
||||||
|
-=item 1
|
||||||
|
+=item C<1>
|
||||||
|
|
||||||
|
The operation succeeded.
|
||||||
|
|
||||||
|
--- openssl-1.0.1f/doc/ssl/SSL_CTX_set_ssl_version.pod
|
||||||
|
+++ openssl-1.0.1f/doc/ssl/SSL_CTX_set_ssl_version.pod
|
||||||
|
@@ -42,11 +42,11 @@
|
||||||
|
|
||||||
|
=over 4
|
||||||
|
|
||||||
|
-=item 0
|
||||||
|
+=item C<0>
|
||||||
|
|
||||||
|
The new choice failed, check the error stack to find out the reason.
|
||||||
|
|
||||||
|
-=item 1
|
||||||
|
+=item C<1>
|
||||||
|
|
||||||
|
The operation succeeded.
|
||||||
|
|
||||||
|
--- openssl-1.0.1f/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
|
||||||
|
+++ openssl-1.0.1f/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
|
||||||
|
@@ -96,7 +96,7 @@
|
||||||
|
connection will fail with decryption_error before it will be finished
|
||||||
|
completely.
|
||||||
|
|
||||||
|
-=item 0
|
||||||
|
+=item C<0>
|
||||||
|
|
||||||
|
PSK identity was not found. An "unknown_psk_identity" alert message
|
||||||
|
will be sent and the connection setup fails.
|
||||||
|
--- openssl-1.0.1f/doc/ssl/SSL_do_handshake.pod
|
||||||
|
+++ openssl-1.0.1f/doc/ssl/SSL_do_handshake.pod
|
||||||
|
@@ -45,13 +45,13 @@
|
||||||
|
|
||||||
|
=over 4
|
||||||
|
|
||||||
|
-=item 0
|
||||||
|
+=item C<0>
|
||||||
|
|
||||||
|
The TLS/SSL handshake was not successful but was shut down controlled and
|
||||||
|
by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
|
||||||
|
return value B<ret> to find out the reason.
|
||||||
|
|
||||||
|
-=item 1
|
||||||
|
+=item C<1>
|
||||||
|
|
||||||
|
The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
|
||||||
|
established.
|
||||||
|
--- openssl-1.0.1f/doc/ssl/SSL_read.pod
|
||||||
|
+++ openssl-1.0.1f/doc/ssl/SSL_read.pod
|
||||||
|
@@ -86,7 +86,7 @@
|
||||||
|
The read operation was successful; the return value is the number of
|
||||||
|
bytes actually read from the TLS/SSL connection.
|
||||||
|
|
||||||
|
-=item 0
|
||||||
|
+=item C<0>
|
||||||
|
|
||||||
|
The read operation was not successful. The reason may either be a clean
|
||||||
|
shutdown due to a "close notify" alert sent by the peer (in which case
|
||||||
|
--- openssl-1.0.1f/doc/ssl/SSL_session_reused.pod
|
||||||
|
+++ openssl-1.0.1f/doc/ssl/SSL_session_reused.pod
|
||||||
|
@@ -27,11 +27,11 @@
|
||||||
|
|
||||||
|
=over 4
|
||||||
|
|
||||||
|
-=item 0
|
||||||
|
+=item C<0>
|
||||||
|
|
||||||
|
A new session was negotiated.
|
||||||
|
|
||||||
|
-=item 1
|
||||||
|
+=item C<1>
|
||||||
|
|
||||||
|
A session was reused.
|
||||||
|
|
||||||
|
--- openssl-1.0.1f/doc/ssl/SSL_set_fd.pod
|
||||||
|
+++ openssl-1.0.1f/doc/ssl/SSL_set_fd.pod
|
||||||
|
@@ -35,11 +35,11 @@
|
||||||
|
|
||||||
|
=over 4
|
||||||
|
|
||||||
|
-=item 0
|
||||||
|
+=item C<0>
|
||||||
|
|
||||||
|
The operation failed. Check the error stack to find out why.
|
||||||
|
|
||||||
|
-=item 1
|
||||||
|
+=item C<1>
|
||||||
|
|
||||||
|
The operation succeeded.
|
||||||
|
|
||||||
|
--- openssl-1.0.1f/doc/ssl/SSL_set_session.pod
|
||||||
|
+++ openssl-1.0.1f/doc/ssl/SSL_set_session.pod
|
||||||
|
@@ -37,11 +37,11 @@
|
||||||
|
|
||||||
|
=over 4
|
||||||
|
|
||||||
|
-=item 0
|
||||||
|
+=item C<0>
|
||||||
|
|
||||||
|
The operation failed; check the error stack to find out the reason.
|
||||||
|
|
||||||
|
-=item 1
|
||||||
|
+=item C<1>
|
||||||
|
|
||||||
|
The operation succeeded.
|
||||||
|
|
||||||
|
--- openssl-1.0.1f/doc/ssl/SSL_shutdown.pod
|
||||||
|
+++ openssl-1.0.1f/doc/ssl/SSL_shutdown.pod
|
||||||
|
@@ -92,14 +92,14 @@
|
||||||
|
|
||||||
|
=over 4
|
||||||
|
|
||||||
|
-=item 0
|
||||||
|
+=item C<0>
|
||||||
|
|
||||||
|
The shutdown is not yet finished. Call SSL_shutdown() for a second time,
|
||||||
|
if a bidirectional shutdown shall be performed.
|
||||||
|
The output of L<SSL_get_error(3)|SSL_get_error(3)> may be misleading, as an
|
||||||
|
erroneous SSL_ERROR_SYSCALL may be flagged even though no error occurred.
|
||||||
|
|
||||||
|
-=item 1
|
||||||
|
+=item C<1>
|
||||||
|
|
||||||
|
The shutdown was successfully completed. The "close notify" alert was sent
|
||||||
|
and the peer's "close notify" alert was received.
|
||||||
|
--- openssl-1.0.1f/doc/ssl/SSL_write.pod
|
||||||
|
+++ openssl-1.0.1f/doc/ssl/SSL_write.pod
|
||||||
|
@@ -79,7 +79,7 @@
|
||||||
|
The write operation was successful, the return value is the number of
|
||||||
|
bytes actually written to the TLS/SSL connection.
|
||||||
|
|
||||||
|
-=item 0
|
||||||
|
+=item C<0>
|
||||||
|
|
||||||
|
The write operation was not successful. Probably the underlying connection
|
||||||
|
was closed. Call SSL_get_error() with the return value B<ret> to find out,
|
|
@ -0,0 +1,83 @@
|
||||||
|
when gcc is given a .s file and told to preprocess it, it outputs nothing
|
||||||
|
|
||||||
|
https://bugs.gentoo.org/499086
|
||||||
|
|
||||||
|
From a2976461784ce463fc7f336cd0dce607d21c2fad Mon Sep 17 00:00:00 2001
|
||||||
|
From: Mike Frysinger <vapier@gentoo.org>
|
||||||
|
Date: Sat, 25 Jan 2014 05:44:47 -0500
|
||||||
|
Subject: [PATCH] Revert "Make Makefiles OSF-make-friendly."
|
||||||
|
|
||||||
|
This reverts commit d1cf23ac86c05b22b8780e2c03b67230564d2d34.
|
||||||
|
---
|
||||||
|
crypto/Makefile | 4 +---
|
||||||
|
crypto/bn/Makefile | 4 +---
|
||||||
|
crypto/evp/Makefile | 2 +-
|
||||||
|
crypto/modes/Makefile | 5 +----
|
||||||
|
crypto/sha/Makefile | 4 +---
|
||||||
|
util/shlib_wrap.sh | 6 +-----
|
||||||
|
6 files changed, 6 insertions(+), 19 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/crypto/Makefile b/crypto/Makefile
|
||||||
|
index b253f50..1de9d5f 100644
|
||||||
|
--- a/crypto/Makefile
|
||||||
|
+++ b/crypto/Makefile
|
||||||
|
@@ -86,9 +86,7 @@ ia64cpuid.s: ia64cpuid.S; $(CC) $(CFLAGS) -E ia64cpuid.S > $@
|
||||||
|
ppccpuid.s: ppccpuid.pl; $(PERL) ppccpuid.pl $(PERLASM_SCHEME) $@
|
||||||
|
pariscid.s: pariscid.pl; $(PERL) pariscid.pl $(PERLASM_SCHEME) $@
|
||||||
|
alphacpuid.s: alphacpuid.pl
|
||||||
|
- (preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
|
||||||
|
- $(PERL) alphacpuid.pl > $$preproc && \
|
||||||
|
- $(CC) -E $$preproc > $@ && rm $$preproc)
|
||||||
|
+ $(PERL) $< | $(CC) -E - | tee $@ > /dev/null
|
||||||
|
|
||||||
|
subdirs:
|
||||||
|
@target=all; $(RECURSIVE_MAKE)
|
||||||
|
diff --git a/crypto/bn/Makefile b/crypto/bn/Makefile
|
||||||
|
index b62b676..6c03363 100644
|
||||||
|
--- a/crypto/bn/Makefile
|
||||||
|
+++ b/crypto/bn/Makefile
|
||||||
|
@@ -136,9 +136,7 @@ ppc-mont.s: asm/ppc-mont.pl;$(PERL) asm/ppc-mont.pl $(PERLASM_SCHEME) $@
|
||||||
|
ppc64-mont.s: asm/ppc64-mont.pl;$(PERL) asm/ppc64-mont.pl $(PERLASM_SCHEME) $@
|
||||||
|
|
||||||
|
alpha-mont.s: asm/alpha-mont.pl
|
||||||
|
- (preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
|
||||||
|
- $(PERL) asm/alpha-mont.pl > $$preproc && \
|
||||||
|
- $(CC) -E $$preproc > $@ && rm $$preproc)
|
||||||
|
+ $(PERL) $< | $(CC) -E - | tee $@ > /dev/null
|
||||||
|
|
||||||
|
# GNU make "catch all"
|
||||||
|
%-mont.S: asm/%-mont.pl; $(PERL) $< $(PERLASM_SCHEME) $@
|
||||||
|
diff --git a/crypto/modes/Makefile b/crypto/modes/Makefile
|
||||||
|
index ce0dcd6..88ac65e 100644
|
||||||
|
--- a/crypto/modes/Makefile
|
||||||
|
+++ b/crypto/modes/Makefile
|
||||||
|
@@ -55,10 +55,7 @@ aesni-gcm-x86_64.s: asm/aesni-gcm-x86_64.pl
|
||||||
|
ghash-sparcv9.s: asm/ghash-sparcv9.pl
|
||||||
|
$(PERL) asm/ghash-sparcv9.pl $@ $(CFLAGS)
|
||||||
|
ghash-alpha.s: asm/ghash-alpha.pl
|
||||||
|
- (preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
|
||||||
|
- $(PERL) asm/ghash-alpha.pl > $$preproc && \
|
||||||
|
- $(CC) -E $$preproc > $@ && rm $$preproc)
|
||||||
|
-
|
||||||
|
+ $(PERL) $< | $(CC) -E - | tee $@ > /dev/null
|
||||||
|
ghash-parisc.s: asm/ghash-parisc.pl
|
||||||
|
$(PERL) asm/ghash-parisc.pl $(PERLASM_SCHEME) $@
|
||||||
|
|
||||||
|
diff --git a/crypto/sha/Makefile b/crypto/sha/Makefile
|
||||||
|
index 64eab6c..63fba69 100644
|
||||||
|
--- a/crypto/sha/Makefile
|
||||||
|
+++ b/crypto/sha/Makefile
|
||||||
|
@@ -60,9 +60,7 @@ sha256-armv4.S: asm/sha256-armv4.pl
|
||||||
|
$(PERL) $< $(PERLASM_SCHEME) $@
|
||||||
|
|
||||||
|
sha1-alpha.s: asm/sha1-alpha.pl
|
||||||
|
- (preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
|
||||||
|
- $(PERL) asm/sha1-alpha.pl > $$preproc && \
|
||||||
|
- $(CC) -E $$preproc > $@ && rm $$preproc)
|
||||||
|
+ $(PERL) $< | $(CC) -E - | tee $@ > /dev/null
|
||||||
|
|
||||||
|
# Solaris make has to be explicitly told
|
||||||
|
sha1-x86_64.s: asm/sha1-x86_64.pl; $(PERL) asm/sha1-x86_64.pl $(PERLASM_SCHEME) > $@
|
||||||
|
--
|
||||||
|
1.8.5.3
|
||||||
|
|
|
@ -0,0 +1,239 @@
|
||||||
|
# Copyright 1999-2014 Gentoo Foundation
|
||||||
|
# Distributed under the terms of the GNU General Public License v2
|
||||||
|
# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1g.ebuild,v 1.1 2014/04/07 18:10:03 vapier Exp $
|
||||||
|
|
||||||
|
EAPI="4"
|
||||||
|
|
||||||
|
inherit eutils flag-o-matic toolchain-funcs multilib
|
||||||
|
|
||||||
|
REV="1.7"
|
||||||
|
DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)"
|
||||||
|
HOMEPAGE="http://www.openssl.org/"
|
||||||
|
SRC_URI="mirror://openssl/source/${P}.tar.gz
|
||||||
|
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}"
|
||||||
|
|
||||||
|
LICENSE="openssl"
|
||||||
|
SLOT="0"
|
||||||
|
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux"
|
||||||
|
IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test +tls-heartbeat vanilla zlib"
|
||||||
|
|
||||||
|
# Have the sub-libs in RDEPEND with [static-libs] since, logically,
|
||||||
|
# our libssl.a depends on libz.a/etc... at runtime.
|
||||||
|
LIB_DEPEND="gmp? ( dev-libs/gmp[static-libs(+)] )
|
||||||
|
zlib? ( sys-libs/zlib[static-libs(+)] )
|
||||||
|
kerberos? ( app-crypt/mit-krb5 )"
|
||||||
|
# The blocks are temporary just to make sure people upgrade to a
|
||||||
|
# version that lack runtime version checking. We'll drop them in
|
||||||
|
# the future.
|
||||||
|
RDEPEND="static-libs? ( ${LIB_DEPEND} )
|
||||||
|
!static-libs? ( ${LIB_DEPEND//\[static-libs(+)]} )
|
||||||
|
!<net-misc/openssh-5.9_p1-r4
|
||||||
|
!<net-libs/neon-0.29.6-r1"
|
||||||
|
DEPEND="${RDEPEND}
|
||||||
|
sys-apps/diffutils
|
||||||
|
>=dev-lang/perl-5
|
||||||
|
test? ( sys-devel/bc )"
|
||||||
|
PDEPEND="app-misc/ca-certificates"
|
||||||
|
|
||||||
|
src_unpack() {
|
||||||
|
unpack ${P}.tar.gz
|
||||||
|
SSL_CNF_DIR="/etc/ssl"
|
||||||
|
sed \
|
||||||
|
-e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \
|
||||||
|
-e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \
|
||||||
|
"${DISTDIR}"/${PN}-c_rehash.sh.${REV} \
|
||||||
|
> "${WORKDIR}"/c_rehash || die #416717
|
||||||
|
}
|
||||||
|
|
||||||
|
src_prepare() {
|
||||||
|
# Make sure we only ever touch Makefile.org and avoid patching a file
|
||||||
|
# that gets blown away anyways by the Configure script in src_configure
|
||||||
|
rm -f Makefile
|
||||||
|
|
||||||
|
if ! use vanilla ; then
|
||||||
|
epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421
|
||||||
|
epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743
|
||||||
|
epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch
|
||||||
|
epatch "${FILESDIR}"/${PN}-1.0.1-parallel-build.patch
|
||||||
|
epatch "${FILESDIR}"/${PN}-1.0.1-x32.patch
|
||||||
|
epatch "${FILESDIR}"/${PN}-1.0.1e-ipv6.patch
|
||||||
|
epatch "${FILESDIR}"/${PN}-1.0.1f-perl-5.18.patch #497286
|
||||||
|
epatch "${FILESDIR}"/${PN}-1.0.1e-s_client-verify.patch #472584
|
||||||
|
epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086
|
||||||
|
epatch_user #332661
|
||||||
|
fi
|
||||||
|
|
||||||
|
# disable fips in the build
|
||||||
|
# make sure the man pages are suffixed #302165
|
||||||
|
# don't bother building man pages if they're disabled
|
||||||
|
sed -i \
|
||||||
|
-e '/DIRS/s: fips : :g' \
|
||||||
|
-e '/^MANSUFFIX/s:=.*:=ssl:' \
|
||||||
|
-e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
|
||||||
|
-e $(has noman FEATURES \
|
||||||
|
&& echo '/^install:/s:install_docs::' \
|
||||||
|
|| echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \
|
||||||
|
Makefile.org \
|
||||||
|
|| die
|
||||||
|
# show the actual commands in the log
|
||||||
|
sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
|
||||||
|
|
||||||
|
# allow openssl to be cross-compiled
|
||||||
|
cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die
|
||||||
|
chmod a+rx gentoo.config
|
||||||
|
|
||||||
|
append-flags -fno-strict-aliasing
|
||||||
|
append-flags $(test-flags-CC -Wa,--noexecstack)
|
||||||
|
|
||||||
|
sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906
|
||||||
|
# The config script does stupid stuff to prompt the user. Kill it.
|
||||||
|
sed -i '/stty -icanon min 0 time 50; read waste/d' config || die
|
||||||
|
./config --test-sanity || die "I AM NOT SANE"
|
||||||
|
}
|
||||||
|
|
||||||
|
src_configure() {
|
||||||
|
unset APPS #197996
|
||||||
|
unset SCRIPTS #312551
|
||||||
|
unset CROSS_COMPILE #311473
|
||||||
|
|
||||||
|
tc-export CC AR RANLIB RC
|
||||||
|
|
||||||
|
# Clean out patent-or-otherwise-encumbered code
|
||||||
|
# Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher)
|
||||||
|
# IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
|
||||||
|
# EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
|
||||||
|
# MDC2: Expired http://en.wikipedia.org/wiki/MDC-2
|
||||||
|
# RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5
|
||||||
|
|
||||||
|
use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
|
||||||
|
echoit() { echo "$@" ; "$@" ; }
|
||||||
|
|
||||||
|
local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
|
||||||
|
|
||||||
|
# See if our toolchain supports __uint128_t. If so, it's 64bit
|
||||||
|
# friendly and can use the nicely optimized code paths. #460790
|
||||||
|
local ec_nistp_64_gcc_128
|
||||||
|
# Disable it for now though #469976
|
||||||
|
#if ! use bindist ; then
|
||||||
|
# echo "__uint128_t i;" > "${T}"/128.c
|
||||||
|
# if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
|
||||||
|
# ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
|
||||||
|
# fi
|
||||||
|
#fi
|
||||||
|
|
||||||
|
local sslout=$(./gentoo.config)
|
||||||
|
einfo "Use configuration ${sslout:-(openssl knows best)}"
|
||||||
|
local config="Configure"
|
||||||
|
[[ -z ${sslout} ]] && config="config"
|
||||||
|
echoit \
|
||||||
|
./${config} \
|
||||||
|
${sslout} \
|
||||||
|
$(use sse2 || echo "no-sse2") \
|
||||||
|
enable-camellia \
|
||||||
|
$(use_ssl !bindist ec) \
|
||||||
|
${ec_nistp_64_gcc_128} \
|
||||||
|
enable-idea \
|
||||||
|
enable-mdc2 \
|
||||||
|
$(use_ssl !bindist rc5) \
|
||||||
|
enable-tlsext \
|
||||||
|
$(use_ssl gmp gmp -lgmp) \
|
||||||
|
$(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
|
||||||
|
$(use_ssl rfc3779) \
|
||||||
|
$(use_ssl tls-heartbeat heartbeats) \
|
||||||
|
$(use_ssl zlib) \
|
||||||
|
--prefix="${EPREFIX}"/usr \
|
||||||
|
--openssldir="${EPREFIX}"${SSL_CNF_DIR} \
|
||||||
|
--libdir=$(get_libdir) \
|
||||||
|
shared threads \
|
||||||
|
|| die
|
||||||
|
|
||||||
|
# Clean out hardcoded flags that openssl uses
|
||||||
|
local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \
|
||||||
|
-e 's:^CFLAG=::' \
|
||||||
|
-e 's:-fomit-frame-pointer ::g' \
|
||||||
|
-e 's:-O[0-9] ::g' \
|
||||||
|
-e 's:-march=[-a-z0-9]* ::g' \
|
||||||
|
-e 's:-mcpu=[-a-z0-9]* ::g' \
|
||||||
|
-e 's:-m[a-z0-9]* ::g' \
|
||||||
|
)
|
||||||
|
sed -i \
|
||||||
|
-e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \
|
||||||
|
-e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \
|
||||||
|
Makefile || die
|
||||||
|
}
|
||||||
|
|
||||||
|
src_compile() {
|
||||||
|
# depend is needed to use $confopts; it also doesn't matter
|
||||||
|
# that it's -j1 as the code itself serializes subdirs
|
||||||
|
emake -j1 depend
|
||||||
|
emake all
|
||||||
|
# rehash is needed to prep the certs/ dir; do this
|
||||||
|
# separately to avoid parallel build issues.
|
||||||
|
emake rehash
|
||||||
|
}
|
||||||
|
|
||||||
|
src_test() {
|
||||||
|
emake -j1 test
|
||||||
|
}
|
||||||
|
|
||||||
|
src_install() {
|
||||||
|
emake INSTALL_PREFIX="${D}" install
|
||||||
|
dobin "${WORKDIR}"/c_rehash #333117
|
||||||
|
dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el
|
||||||
|
dohtml -r doc/*
|
||||||
|
use rfc3779 && dodoc engines/ccgost/README.gost
|
||||||
|
|
||||||
|
# This is crappy in that the static archives are still built even
|
||||||
|
# when USE=static-libs. But this is due to a failing in the openssl
|
||||||
|
# build system: the static archives are built as PIC all the time.
|
||||||
|
# Only way around this would be to manually configure+compile openssl
|
||||||
|
# twice; once with shared lib support enabled and once without.
|
||||||
|
use static-libs || rm -f "${ED}"/usr/lib*/lib*.a
|
||||||
|
|
||||||
|
# create the certs directory
|
||||||
|
dodir ${SSL_CNF_DIR}/certs
|
||||||
|
cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die
|
||||||
|
rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired}
|
||||||
|
|
||||||
|
# Namespace openssl programs to prevent conflicts with other man pages
|
||||||
|
cd "${ED}"/usr/share/man
|
||||||
|
local m d s
|
||||||
|
for m in $(find . -type f | xargs grep -L '#include') ; do
|
||||||
|
d=${m%/*} ; d=${d#./} ; m=${m##*/}
|
||||||
|
[[ ${m} == openssl.1* ]] && continue
|
||||||
|
[[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!"
|
||||||
|
mv ${d}/{,ssl-}${m}
|
||||||
|
# fix up references to renamed man pages
|
||||||
|
sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m}
|
||||||
|
ln -s ssl-${m} ${d}/openssl-${m}
|
||||||
|
# locate any symlinks that point to this man page ... we assume
|
||||||
|
# that any broken links are due to the above renaming
|
||||||
|
for s in $(find -L ${d} -type l) ; do
|
||||||
|
s=${s##*/}
|
||||||
|
rm -f ${d}/${s}
|
||||||
|
ln -s ssl-${m} ${d}/ssl-${s}
|
||||||
|
ln -s ssl-${s} ${d}/openssl-${s}
|
||||||
|
done
|
||||||
|
done
|
||||||
|
[[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("
|
||||||
|
|
||||||
|
dodir /etc/sandbox.d #254521
|
||||||
|
echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
|
||||||
|
|
||||||
|
diropts -m0700
|
||||||
|
keepdir ${SSL_CNF_DIR}/private
|
||||||
|
}
|
||||||
|
|
||||||
|
pkg_preinst() {
|
||||||
|
has_version ${CATEGORY}/${PN}:0.9.8 && return 0
|
||||||
|
preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
|
||||||
|
}
|
||||||
|
|
||||||
|
pkg_postinst() {
|
||||||
|
ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"
|
||||||
|
c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null
|
||||||
|
eend $?
|
||||||
|
|
||||||
|
has_version ${CATEGORY}/${PN}:0.9.8 && return 0
|
||||||
|
preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
|
||||||
|
}
|
Loading…
Reference in New Issue