openssl with ssl3 useflag
Hanno Böck

Hanno Böck commited on 2014-10-15 10:30:37
Zeige 11 geänderte Dateien mit 1751 Einfügungen und 0 Löschungen.

... ...
@@ -0,0 +1,12 @@
1
+AUX gentoo.config-1.0.1 4980 SHA256 e7dd01bc76f0262c91b0a3a56bbf0675feedd6d5c6e61f8dcb5e3c538b113424 SHA512 1900cf603954dc4213d84d2f1f10fb74310dd8134f9c1bcf5f633a45e2ab27398f51656ac2f4165f86be78b19283374689766e3a5d7b43e16afeff884f31a1a0 WHIRLPOOL 2fd9eb3e46a262509f46f5ee6cef963e0bf32ff2c2dc3acb2fdf890326b4db801c0c90814df6f206fc6bc8aaf1184eb68289beb33e36dcebd890bb9e2855545a
2
+AUX openssl-1.0.0a-ldflags.patch 1095 SHA256 2489ffbae4af11e1642d54992c404ca81b0c2a9c169032281f4f7778d945836f SHA512 d5a3f90ca0e9755940da525b8daba5b5d09b2b251863e9ca4f2b3b0a5db461e0aa25b2ae7a7d36d13a92ff64f2a37d4809b70aff9672c0f43398369bc7099979 WHIRLPOOL b7c2fbc833be856388110f2ac891976903e7c5dd4030249bcd79f915ae94fa93bff955ff3eaaf4a4bab306a09512bd861099c2738f5af7027174b79d023f7261
3
+AUX openssl-1.0.0d-windres.patch 2912 SHA256 e5dbfd6af69bc3f69b51787cf1f6245207be9824dfffbdd9b4e278772ed8ab32 SHA512 d7a0238edea29aac7d20dca0778c67f8ae4dc0da190e5277e1b3519ae536f2c44533ac5dc1cbcd138bc4277ad669b13fca316bd962f26e2cb387f2ad3fd0111b WHIRLPOOL d62156820e55898d0a0393473c6ad8e49c5aa7bb9d3fc7043795de7102c3003d5f8b874c751e03cf832e306ac290790e871e1318bb830b3558a43e09be5b45b4
4
+AUX openssl-1.0.0h-pkg-config.patch 1363 SHA256 dbbcc175f02e5edced01a13dd1e7d35dc4322c0970f78a7fd781a6c0766886af SHA512 c2f7a68c96098bd742235a40f27d6b1e5a0ebece53ca32dd0be74b85210479064efa1d5dc76e457b786067185768492fab2ed53762a22c511c2a2e3d43ed137b WHIRLPOOL 7f795dbed2124d8d2d126886d106675662f09b8e79c70fa2af3298486fdb75b7f1285dc17a53daf985bd4af1e58c36e13e49f46d18af860f0dabad1b3898c3b0
5
+AUX openssl-1.0.1-parallel-build.patch 10614 SHA256 f3aa674880ffa53a891d3f9054a1ff162c4461b3ec160a365990275907636259 SHA512 439015b3b007adfbab047a1e3e12a9700030779a593bba1a30e9554c7c02eb1cffe9acb089546954e87163847cf86b13130abf9646eb5d00a2ff725b534f84d5 WHIRLPOOL 673f6f045765effb9ded607bf8116a81e7bfeee78ba0e8a34892081c272239a2b75fbb14f4c48b61d93593fac8e1b1e8bef7223f4cc64e8443e19c8f337ab6bc
6
+AUX openssl-1.0.1-x32.patch 3273 SHA256 a4f05b8757e225a05a9c5a3ea485159066760d878c9ee54c4eaf61760e33c6cf SHA512 6bed57fe2fbe2d0ced1279b53804d94426a679d5d6b80ad7d0ed18523a7fda397e02038032c08cdd4e6034f9ff6e82cad365ff2a724d49d91467cf2b77f47752 WHIRLPOOL 1366632e7dc1c6e54efc5b9791bf24833d20e7a61ca29aa38d31b5b9629febf926a29742e370b7cd6767c810c0a1676100ca9169f0d836dfd19ff0b2c29e49c1
7
+AUX openssl-1.0.1e-s_client-verify.patch 592 SHA256 6f540fce663eefbe68cee16ad7d8d561d6c898eeb4180c2f4a4caa7e43c6d0c9 SHA512 117b1017e1259667078d3ccdcd9fd46357c6f85cf2702794f49c612b37acdc044fe88f871dbe46fcad9ed4cd8aaaaee800dddb5286203322802efd7549a43b68 WHIRLPOOL 70a4cc36b1dcb24d7e9bcef016684fb2394977f7f20aa332ebd0aa15e3f4c16c74563d2fc0ba8d70669f6cc9a13bf8a30cdb28ebafe2d102cd2859a4e32c38d7
8
+AUX openssl-1.0.1f-revert-alpha-perl-generation.patch 3102 SHA256 6e502275b32ac0eca80f28448ae1bb88506f9135258f420fd857ea0b9b485778 SHA512 c80439da3d268e70fd492d0ca73c0a17ddb088b9330610794a338d1921ee13dad9caca4c81ca103b82a7541c8712f77e51f352ec1b1b02789d9aed291acb0cdc WHIRLPOOL cb760366c8759b1c78c5307134bb48c4fc12b1556276c2ef55455ea54725d20cb433ade966a7453f512d2feb5ae89a9798078ab535e4605366633a8e003c7ac6
9
+AUX openssl-1.0.1h-ipv6.patch 17788 SHA256 7adeeb88cc544f8b210efbe2baff48fccf5029b582dff7010ae70e0e1f097d7b SHA512 0f0990d4294abcb5f3e51c84080883046a054c710b57a23f99b3323727d5e9aeb5ddeb6b6c2565b4be364f7c21419c90ce5288154e404cd663678f87e0d1c259 WHIRLPOOL cfe7a2e141a4a6252ffcfe215b16dd1082bc14a757dad7eb01bb9819de41ef0ee51a4b2dbf110c27b52e483341c337bf4d1f77f4f9f3172d2fee9e348c30af7e
10
+DIST openssl-1.0.1i.tar.gz 4422117 SHA256 3c179f46ca77069a6a0bac70212a9b3b838b2f66129cb52d568837fc79d8fcc7 SHA512 6cbcdcec8568236e8f20f0461f93df8a193a0ad88102ff548443e6ec87e2a7f649e314beee1e6bafda693934b4fb142244b61d14bf736828dda09e277b941d93 WHIRLPOOL 4baefe8a203243d08c2ca4dc9e1019a539135604a8ddfb09b9a7f2711108ad6ebd45eef1cfa09331f19fe57defbe7e1390f9ac2de086437a484c5819cabb5a4a
11
+DIST openssl-c_rehash.sh.1.7 4167 SHA256 4999ee79892f52bd6a4a7baba9fac62262454d573bbffd72685d3aae9e48cee0 SHA512 55e8c2e827750a4f375cb83c86bfe2d166c01ffa5d7e9b16657b72b38b747c8985dd2c98f854c911dfbbee2ff3e92aff39fdf089d979b2e3534b7685ee8b80da WHIRLPOOL c88f06a3b8651f76b6289552cccceb64e13f6697c5f0ce3ff114c781ce1c218912b8ee308af9d087cd76a9600fdacda1953175bff07d7d3eb21b0c0b7f4f1ce1
12
+EBUILD openssl-1.0.1i.ebuild 8776 SHA256 99e7d64748e9448cd1f3d8738e1a97b5daab3c56b3e5f0168186f6644d83bbd8 SHA512 e1b922da0678ac59ed09f4cffd714b45ba8e028aa844e089a4385391fcb4e02b7fc731f855e2537acf10e817710e06aa61fac91233db78a053416212e83a9bf2 WHIRLPOOL 3537527dde49f7fd39c73c7a4053c5bf44fdf3e2544fd7148019729abd01120c7f3fe85e83a38b89630ff0bb38b7d044e42234cfaf4cf68612b630900e5b209a
... ...
@@ -0,0 +1,164 @@
1
+#!/usr/bin/env bash
2
+# Copyright 1999-2014 Gentoo Foundation
3
+# Distributed under the terms of the GNU General Public License v2
4
+# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/files/gentoo.config-1.0.1,v 1.2 2014/01/17 04:27:03 vapier Exp $
5
+#
6
+# Openssl doesn't play along nicely with cross-compiling
7
+# like autotools based projects, so let's teach it new tricks.
8
+#
9
+# Review the bundled 'config' script to see why kind of targets
10
+# we can pass to the 'Configure' script.
11
+
12
+
13
+# Testing routines
14
+if [[ $1 == "test" ]] ; then
15
+	for c in \
16
+		"arm-gentoo-linux-uclibc      |linux-generic32 -DL_ENDIAN" \
17
+		"armv5b-linux-gnu             |linux-armv4 -DB_ENDIAN" \
18
+		"x86_64-pc-linux-gnu          |linux-x86_64" \
19
+		"alpha-linux-gnu              |linux-alpha-gcc" \
20
+		"alphaev56-unknown-linux-gnu  |linux-alpha+bwx-gcc" \
21
+		"i686-pc-linux-gnu            |linux-elf" \
22
+		"whatever-gentoo-freebsdX.Y   |BSD-generic32" \
23
+		"i686-gentoo-freebsdX.Y       |BSD-x86-elf" \
24
+		"sparc64-alpha-freebsdX.Y     |BSD-sparc64" \
25
+		"ia64-gentoo-freebsd5.99234   |BSD-ia64" \
26
+		"x86_64-gentoo-freebsdX.Y     |BSD-x86_64" \
27
+		"hppa64-aldsF-linux-gnu5.3    |linux-generic32 -DB_ENDIAN" \
28
+		"powerpc-gentOO-linux-uclibc  |linux-ppc" \
29
+		"powerpc64-unk-linux-gnu      |linux-ppc64" \
30
+		"x86_64-apple-darwinX         |darwin64-x86_64-cc" \
31
+		"powerpc64-apple-darwinX      |darwin64-ppc-cc" \
32
+		"i686-apple-darwinX           |darwin-i386-cc" \
33
+		"i386-apple-darwinX           |darwin-i386-cc" \
34
+		"powerpc-apple-darwinX        |darwin-ppc-cc" \
35
+		"i586-pc-winnt                |winnt-parity" \
36
+		"s390-ibm-linux-gnu           |linux-generic32 -DB_ENDIAN" \
37
+		"s390x-linux-gnu              |linux64-s390x" \
38
+	;do
39
+		CHOST=${c/|*}
40
+		ret_want=${c/*|}
41
+		ret_got=$(CHOST=${CHOST} "$0")
42
+
43
+		if [[ ${ret_want} == "${ret_got}" ]] ; then
44
+			echo "PASS: ${CHOST}"
45
+		else
46
+			echo "FAIL: ${CHOST}"
47
+			echo -e "\twanted: ${ret_want}"
48
+			echo -e "\twe got: ${ret_got}"
49
+		fi
50
+	done
51
+	exit 0
52
+fi
53
+[[ -z ${CHOST} && -n $1 ]] && CHOST=$1
54
+
55
+
56
+# Detect the operating system
57
+case ${CHOST} in
58
+	*-aix*)          system="aix";;
59
+	*-darwin*)       system="darwin";;
60
+	*-freebsd*)      system="BSD";;
61
+	*-hpux*)         system="hpux";;
62
+	*-linux*)        system="linux";;
63
+	*-solaris*)      system="solaris";;
64
+	*-winnt*)        system="winnt";;
65
+	x86_64-*-mingw*) system="mingw64";;
66
+	*mingw*)         system="mingw";;
67
+	*)               exit 0;;
68
+esac
69
+
70
+
71
+# Compiler munging
72
+compiler="gcc"
73
+if [[ ${CC} == "ccc" ]] ; then
74
+	compiler=${CC}
75
+fi
76
+
77
+
78
+# Detect target arch
79
+machine=""
80
+chost_machine=${CHOST%%-*}
81
+case ${system} in
82
+linux)
83
+	case ${chost_machine}:${ABI} in
84
+		aarch64*be)   machine="generic64 -DB_ENDIAN";;
85
+		aarch64*)     machine="generic64 -DL_ENDIAN";;
86
+		alphaev56*|\
87
+		alphaev[678]*)machine=alpha+bwx-${compiler};;
88
+		alpha*)       machine=alpha-${compiler};;
89
+		armv[4-9]*b*) machine="armv4 -DB_ENDIAN";;
90
+		armv[4-9]*)   machine="armv4 -DL_ENDIAN";;
91
+		arm*b*)       machine="generic32 -DB_ENDIAN";;
92
+		arm*)         machine="generic32 -DL_ENDIAN";;
93
+		avr*)         machine="generic32 -DL_ENDIAN";;
94
+		bfin*)        machine="generic32 -DL_ENDIAN";;
95
+	#	hppa64*)      machine=parisc64;;
96
+		hppa*)        machine="generic32 -DB_ENDIAN";;
97
+		i[0-9]86*|\
98
+		x86_64*:x86)  machine=elf;;
99
+		ia64*)        machine=ia64;;
100
+		m68*)         machine="generic32 -DB_ENDIAN";;
101
+		mips*el*)     machine="generic32 -DL_ENDIAN";;
102
+		mips*)        machine="generic32 -DB_ENDIAN";;
103
+		powerpc64*le) machine="generic64 -DL_ENDIAN";;
104
+		powerpc64*)   machine=ppc64;;
105
+		powerpc*le)   machine="generic32 -DL_ENDIAN";;
106
+		powerpc*)     machine=ppc;;
107
+	#	sh64*)        machine=elf;;
108
+		sh*b*)        machine="generic32 -DB_ENDIAN";;
109
+		sh*)          machine="generic32 -DL_ENDIAN";;
110
+		sparc*v7*)    machine="generic32 -DB_ENDIAN";;
111
+		sparc64*)     machine=sparcv9;;
112
+		sparc*)       machine=sparcv8;;
113
+		s390x*)       machine=s390x system=linux64;;
114
+		s390*)        machine="generic32 -DB_ENDIAN";;
115
+		x86_64*:x32)  machine=x32;;
116
+		x86_64*)      machine=x86_64;;
117
+	esac
118
+	;;
119
+BSD)
120
+	case ${chost_machine} in
121
+		alpha*)       machine=generic64;;
122
+		i[6-9]86*)    machine=x86-elf;;
123
+		ia64*)        machine=ia64;;
124
+		sparc64*)     machine=sparc64;;
125
+		x86_64*)      machine=x86_64;;
126
+		*)            machine=generic32;;
127
+	esac
128
+	;;
129
+aix)
130
+	machine=${compiler}
131
+	;;
132
+darwin)
133
+	case ${chost_machine} in
134
+		powerpc64)    machine=ppc-cc; system=${system}64;;
135
+		powerpc)      machine=ppc-cc;;
136
+		i?86*)        machine=i386-cc;;
137
+		x86_64)       machine=x86_64-cc; system=${system}64;;
138
+	esac
139
+	;;
140
+hpux)
141
+	case ${chost_machine} in
142
+		ia64)	machine=ia64-${compiler} ;;
143
+	esac
144
+	;;
145
+solaris)
146
+	case ${chost_machine} in
147
+		i386)         machine=x86-${compiler} ;;
148
+		x86_64*)      machine=x86_64-${compiler}; system=${system}64;;
149
+		sparcv9*)     machine=sparcv9-${compiler}; system=${system}64;;
150
+		sparc*)       machine=sparcv8-${compiler};;
151
+	esac
152
+	;;
153
+winnt)
154
+	machine=parity
155
+	;;
156
+mingw*)
157
+	# special case ... no xxx-yyy style name
158
+	echo ${system}
159
+	;;
160
+esac
161
+
162
+
163
+# If we have something, show it
164
+[[ -n ${machine} ]] && echo ${system}-${machine}
... ...
@@ -0,0 +1,29 @@
1
+http://bugs.gentoo.org/181438
2
+http://bugs.gentoo.org/327421
3
+https://rt.openssl.org/Ticket/Display.html?id=3332&user=guest&pass=guest
4
+
5
+make sure we respect LDFLAGS
6
+
7
+also make sure we don't add useless -rpath flags to the system libdir
8
+
9
+--- Makefile.org
10
++++ Makefile.org
11
+@@ -189,6 +189,7 @@
12
+ 		MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD $(MAKEDEPPROG)' \
13
+ 		DEPFLAG='-DOPENSSL_NO_DEPRECATED $(DEPFLAG)'	\
14
+ 		MAKEDEPPROG='$(MAKEDEPPROG)'			\
15
++		LDFLAGS='${LDFLAGS}'				\
16
+ 		SHARED_LDFLAGS='$(SHARED_LDFLAGS)'		\
17
+ 		KRB5_INCLUDES='$(KRB5_INCLUDES)' LIBKRB5='$(LIBKRB5)'	\
18
+ 		ZLIB_INCLUDE='$(ZLIB_INCLUDE)' LIBZLIB='$(LIBZLIB)'	\
19
+--- Makefile.shared
20
++++ Makefile.shared
21
+@@ -153,7 +153,7 @@
22
+ 	NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
23
+ 	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
24
+ 
25
+-DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"
26
++DO_GNU_APP=LDFLAGS="$(LDFLAGS) $(CFLAGS)"
27
+ 
28
+ #This is rather special.  It's a special target with which one can link
29
+ #applications without bothering with any features that have anything to
... ...
@@ -0,0 +1,76 @@
1
+URL: http://rt.openssl.org/Ticket/Display.html?id=2558&user=guest&pass=guest
2
+Subject: make windres controllable via build env var settings
3
+
4
+atm, the windres code in openssl is only usable via the cross-compile prefix 
5
+option unlike all the other build tools. so add support for the standard $RC 
6
+/ $WINDRES env vars as well.
7
+
8
+Index: Configure
9
+===================================================================
10
+RCS file: /usr/local/src/openssl/CVSROOT/openssl/Configure,v
11
+retrieving revision 1.621.2.40
12
+diff -u -p -r1.621.2.40 Configure
13
+--- Configure	30 Nov 2010 22:19:26 -0000	1.621.2.40
14
++++ Configure	4 Jul 2011 23:12:32 -0000
15
+@@ -1094,6 +1094,7 @@ my $shared_extension = $fields[$idx_shar
16
+ my $ranlib = $ENV{'RANLIB'} || $fields[$idx_ranlib];
17
+ my $ar = $ENV{'AR'} || "ar";
18
+ my $arflags = $fields[$idx_arflags];
19
++my $windres = $ENV{'RC'} || $ENV{'WINDRES'} || "windres";
20
+ my $multilib = $fields[$idx_multilib];
21
+ 
22
+ # if $prefix/lib$multilib is not an existing directory, then
23
+@@ -1511,12 +1512,14 @@ while (<IN>)
24
+ 		s/^AR=\s*/AR= \$\(CROSS_COMPILE\)/;
25
+ 		s/^NM=\s*/NM= \$\(CROSS_COMPILE\)/;
26
+ 		s/^RANLIB=\s*/RANLIB= \$\(CROSS_COMPILE\)/;
27
++		s/^WINDRES=\s*/WINDRES= \$\(CROSS_COMPILE\)/;
28
+ 		s/^MAKEDEPPROG=.*$/MAKEDEPPROG= \$\(CROSS_COMPILE\)$cc/ if $cc eq "gcc";
29
+ 		}
30
+ 	else	{
31
+ 		s/^CC=.*$/CC= $cc/;
32
+ 		s/^AR=\s*ar/AR= $ar/;
33
+ 		s/^RANLIB=.*/RANLIB= $ranlib/;
34
++		s/^WINDRES=.*/WINDRES= $windres/;
35
+ 		s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $cc eq "gcc";
36
+ 		}
37
+ 	s/^CFLAG=.*$/CFLAG= $cflags/;
38
+Index: Makefile.org
39
+===================================================================
40
+RCS file: /usr/local/src/openssl/CVSROOT/openssl/Makefile.org,v
41
+retrieving revision 1.295.2.10
42
+diff -u -p -r1.295.2.10 Makefile.org
43
+--- Makefile.org	27 Jan 2010 16:06:58 -0000	1.295.2.10
44
++++ Makefile.org	4 Jul 2011 23:13:08 -0000
45
+@@ -66,6 +66,7 @@ EXE_EXT= 
46
+ ARFLAGS=
47
+ AR=ar $(ARFLAGS) r
48
+ RANLIB= ranlib
49
++WINDRES= windres
50
+ NM= nm
51
+ PERL= perl
52
+ TAR= tar
53
+@@ -180,6 +181,7 @@ BUILDENV=	PLATFORM='$(PLATFORM)' PROCESS
54
+ 		CC='$(CC)' CFLAG='$(CFLAG)' 			\
55
+ 		AS='$(CC)' ASFLAG='$(CFLAG) -c'			\
56
+ 		AR='$(AR)' NM='$(NM)' RANLIB='$(RANLIB)'	\
57
++		WINDRES='$(WINDRES)'				\
58
+ 		CROSS_COMPILE='$(CROSS_COMPILE)'	\
59
+ 		PERL='$(PERL)' ENGDIRS='$(ENGDIRS)'		\
60
+ 		SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/$(LIBDIR)'	\
61
+Index: Makefile.shared
62
+===================================================================
63
+RCS file: /usr/local/src/openssl/CVSROOT/openssl/Makefile.shared,v
64
+retrieving revision 1.72.2.4
65
+diff -u -p -r1.72.2.4 Makefile.shared
66
+--- Makefile.shared	21 Aug 2010 11:36:49 -0000	1.72.2.4
67
++++ Makefile.shared	4 Jul 2011 23:13:52 -0000
68
+@@ -293,7 +293,7 @@ link_a.cygwin:
69
+ 	fi; \
70
+ 	dll_name=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX; \
71
+ 	$(PERL) util/mkrc.pl $$dll_name | \
72
+-		$(CROSS_COMPILE)windres -o rc.o; \
73
++		$(WINDRES) -o rc.o; \
74
+ 	extras="$$extras rc.o"; \
75
+ 	ALLSYMSFLAGS='-Wl,--whole-archive'; \
76
+ 	NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
... ...
@@ -0,0 +1,34 @@
1
+https://rt.openssl.org/Ticket/Display.html?id=3332&user=guest&pass=guest
2
+
3
+depend on other pc files rather than encoding library info directly in
4
+every pkg-config file
5
+
6
+--- a/Makefile.org
7
++++ b/Makefile.org
8
+@@ -335,11 +335,11 @@ libssl.pc: Makefile
9
+ 	    echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
10
+ 	    echo 'includedir=$${prefix}/include'; \
11
+ 	    echo ''; \
12
+-	    echo 'Name: OpenSSL'; \
13
++	    echo 'Name: OpenSSL-libssl'; \
14
+ 	    echo 'Description: Secure Sockets Layer and cryptography libraries'; \
15
+ 	    echo 'Version: '$(VERSION); \
16
+-	    echo 'Requires: '; \
17
+-	    echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
18
++	    echo 'Requires.private: libcrypto'; \
19
++	    echo 'Libs: -L$${libdir} -lssl'; \
20
+ 	    echo 'Libs.private: $(EX_LIBS)'; \
21
+ 	    echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
22
+ 
23
+@@ -352,10 +353,7 @@ openssl.pc: Makefile
24
+ 	    echo 'Name: OpenSSL'; \
25
+ 	    echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
26
+ 	    echo 'Version: '$(VERSION); \
27
+-	    echo 'Requires: '; \
28
+-	    echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
29
+-	    echo 'Libs.private: $(EX_LIBS)'; \
30
+-	    echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
31
++	    echo 'Requires: libssl libcrypto' ) > openssl.pc
32
+ 
33
+ Makefile: Makefile.org Configure config
34
+ 	@echo "Makefile is older than Makefile.org, Configure or config."
... ...
@@ -0,0 +1,354 @@
1
+http://rt.openssl.org/Ticket/Display.html?id=2084
2
+
3
+--- a/Makefile.org
4
++++ b/Makefile.org
5
+@@ -247,17 +247,17 @@
6
+ build_libs: build_crypto build_ssl build_engines
7
+ 
8
+ build_crypto:
9
+-	@dir=crypto; target=all; $(BUILD_ONE_CMD)
10
++	+@dir=crypto; target=all; $(BUILD_ONE_CMD)
11
+-build_ssl:
12
++build_ssl: build_crypto
13
+-	@dir=ssl; target=all; $(BUILD_ONE_CMD)
14
++	+@dir=ssl; target=all; $(BUILD_ONE_CMD)
15
+-build_engines:
16
++build_engines: build_crypto
17
+-	@dir=engines; target=all; $(BUILD_ONE_CMD)
18
++	+@dir=engines; target=all; $(BUILD_ONE_CMD)
19
+-build_apps:
20
++build_apps: build_libs
21
+-	@dir=apps; target=all; $(BUILD_ONE_CMD)
22
++	+@dir=apps; target=all; $(BUILD_ONE_CMD)
23
+-build_tests:
24
++build_tests: build_libs
25
+-	@dir=test; target=all; $(BUILD_ONE_CMD)
26
++	+@dir=test; target=all; $(BUILD_ONE_CMD)
27
+-build_tools:
28
++build_tools: build_libs
29
+-	@dir=tools; target=all; $(BUILD_ONE_CMD)
30
++	+@dir=tools; target=all; $(BUILD_ONE_CMD)
31
+ 
32
+ all_testapps: build_libs build_testapps
33
+ build_testapps:
34
+@@ -497,9 +497,9 @@
35
+ dist_pem_h:
36
+ 	(cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
37
+ 
38
+-install: all install_docs install_sw
39
++install: install_docs install_sw
40
+ 
41
+-install_sw:
42
++install_dirs:
43
+ 	@$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
44
+ 		$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \
45
+ 		$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \
46
+@@ -508,6 +508,13 @@
47
+ 		$(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
48
+ 		$(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
49
+ 		$(INSTALL_PREFIX)$(OPENSSLDIR)/private
50
++	@$(PERL) $(TOP)/util/mkdir-p.pl \
51
++		$(INSTALL_PREFIX)$(MANDIR)/man1 \
52
++		$(INSTALL_PREFIX)$(MANDIR)/man3 \
53
++		$(INSTALL_PREFIX)$(MANDIR)/man5 \
54
++		$(INSTALL_PREFIX)$(MANDIR)/man7
55
++
56
++install_sw: install_dirs
57
+ 	@set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\
58
+ 	do \
59
+ 	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
60
+@@ -511,7 +511,7 @@
61
+ 	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
62
+ 	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
63
+ 	done;
64
+-	@set -e; target=install; $(RECURSIVE_BUILD_CMD)
65
++	+@set -e; target=install; $(RECURSIVE_BUILD_CMD)
66
+ 	@set -e; liblist="$(LIBS)"; for i in $$liblist ;\
67
+ 	do \
68
+ 		if [ -f "$$i" ]; then \
69
+@@ -593,12 +600,7 @@
70
+ 		done; \
71
+ 	done
72
+ 
73
+-install_docs:
74
+-	@$(PERL) $(TOP)/util/mkdir-p.pl \
75
+-		$(INSTALL_PREFIX)$(MANDIR)/man1 \
76
+-		$(INSTALL_PREFIX)$(MANDIR)/man3 \
77
+-		$(INSTALL_PREFIX)$(MANDIR)/man5 \
78
+-		$(INSTALL_PREFIX)$(MANDIR)/man7
79
++install_docs: install_dirs
80
+ 	@pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \
81
+ 	here="`pwd`"; \
82
+ 	filecase=; \
83
+--- a/Makefile.shared
84
++++ b/Makefile.shared
85
+@@ -105,6 +105,7 @@ LINK_SO=	\
86
+     SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \
87
+     LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \
88
+     LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \
89
++    [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \
90
+     LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \
91
+     $${SHAREDCMD} $${SHAREDFLAGS} \
92
+ 	-o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \
93
+@@ -122,6 +124,7 @@ SYMLINK_SO=	\
94
+ 			done; \
95
+ 		fi; \
96
+ 		if [ -n "$$SHLIB_SOVER" ]; then \
97
++			[ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \
98
+ 			( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \
99
+ 			  ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \
100
+ 		fi; \
101
+--- a/crypto/Makefile
102
++++ b/crypto/Makefile
103
+@@ -85,11 +85,11 @@
104
+ 	@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
105
+ 
106
+ subdirs:
107
+-	@target=all; $(RECURSIVE_MAKE)
108
++	+@target=all; $(RECURSIVE_MAKE)
109
+ 
110
+ files:
111
+ 	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
112
+-	@target=files; $(RECURSIVE_MAKE)
113
++	+@target=files; $(RECURSIVE_MAKE)
114
+ 
115
+ links:
116
+ 	@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
117
+@@ -100,7 +100,7 @@
118
+ # lib: $(LIB): are splitted to avoid end-less loop
119
+ lib:	$(LIB)
120
+ 	@touch lib
121
+-$(LIB):	$(LIBOBJ)
122
++$(LIB):	$(LIBOBJ) | subdirs
123
+ 	$(AR) $(LIB) $(LIBOBJ)
124
+ 	$(RANLIB) $(LIB) || echo Never mind.
125
+ 
126
+@@ -110,7 +110,7 @@
127
+ 	fi
128
+ 
129
+ libs:
130
+-	@target=lib; $(RECURSIVE_MAKE)
131
++	+@target=lib; $(RECURSIVE_MAKE)
132
+ 
133
+ install:
134
+ 	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
135
+@@ -119,7 +119,7 @@
136
+ 	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
137
+ 	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
138
+ 	done;
139
+-	@target=install; $(RECURSIVE_MAKE)
140
++	+@target=install; $(RECURSIVE_MAKE)
141
+ 
142
+ lint:
143
+ 	@target=lint; $(RECURSIVE_MAKE)
144
+--- a/engines/Makefile
145
++++ b/engines/Makefile
146
+@@ -72,7 +72,7 @@
147
+ 
148
+ all:	lib subdirs
149
+ 
150
+-lib:	$(LIBOBJ)
151
++lib:	$(LIBOBJ) | subdirs
152
+ 	@if [ -n "$(SHARED_LIBS)" ]; then \
153
+ 		set -e; \
154
+ 		for l in $(LIBNAMES); do \
155
+@@ -89,7 +89,7 @@
156
+ 
157
+ subdirs:
158
+ 	echo $(EDIRS)
159
+-	@target=all; $(RECURSIVE_MAKE)
160
++	+@target=all; $(RECURSIVE_MAKE)
161
+ 
162
+ files:
163
+ 	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
164
+@@ -128,7 +128,7 @@
165
+ 			  mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \
166
+ 		done; \
167
+ 	fi
168
+-	@target=install; $(RECURSIVE_MAKE)
169
++	+@target=install; $(RECURSIVE_MAKE)
170
+ 
171
+ tags:
172
+ 	ctags $(SRC)
173
+--- a/test/Makefile
174
++++ b/test/Makefile
175
+@@ -123,7 +123,7 @@
176
+ tags:
177
+ 	ctags $(SRC)
178
+ 
179
+-tests:	exe apps $(TESTS)
180
++tests:	exe $(TESTS)
181
+ 
182
+ apps:
183
+ 	@(cd ..; $(MAKE) DIRS=apps all)
184
+@@ -365,109 +365,109 @@
185
+ 		link_app.$${shlib_target}
186
+ 
187
+ $(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO)
188
+-	@target=$(RSATEST); $(BUILD_CMD)
189
++	+@target=$(RSATEST); $(BUILD_CMD)
190
+ 
191
+ $(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO)
192
+-	@target=$(BNTEST); $(BUILD_CMD)
193
++	+@target=$(BNTEST); $(BUILD_CMD)
194
+ 
195
+ $(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO)
196
+-	@target=$(ECTEST); $(BUILD_CMD)
197
++	+@target=$(ECTEST); $(BUILD_CMD)
198
+ 
199
+ $(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO)
200
+-	@target=$(EXPTEST); $(BUILD_CMD)
201
++	+@target=$(EXPTEST); $(BUILD_CMD)
202
+ 
203
+ $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO)
204
+-	@target=$(IDEATEST); $(BUILD_CMD)
205
++	+@target=$(IDEATEST); $(BUILD_CMD)
206
+ 
207
+ $(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO)
208
+-	@target=$(MD2TEST); $(BUILD_CMD)
209
++	+@target=$(MD2TEST); $(BUILD_CMD)
210
+ 
211
+ $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO)
212
+-	@target=$(SHATEST); $(BUILD_CMD)
213
++	+@target=$(SHATEST); $(BUILD_CMD)
214
+ 
215
+ $(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO)
216
+-	@target=$(SHA1TEST); $(BUILD_CMD)
217
++	+@target=$(SHA1TEST); $(BUILD_CMD)
218
+ 
219
+ $(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO)
220
+-	@target=$(SHA256TEST); $(BUILD_CMD)
221
++	+@target=$(SHA256TEST); $(BUILD_CMD)
222
+ 
223
+ $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO)
224
+-	@target=$(SHA512TEST); $(BUILD_CMD)
225
++	+@target=$(SHA512TEST); $(BUILD_CMD)
226
+ 
227
+ $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO)
228
+-	@target=$(RMDTEST); $(BUILD_CMD)
229
++	+@target=$(RMDTEST); $(BUILD_CMD)
230
+ 
231
+ $(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO)
232
+-	@target=$(MDC2TEST); $(BUILD_CMD)
233
++	+@target=$(MDC2TEST); $(BUILD_CMD)
234
+ 
235
+ $(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO)
236
+-	@target=$(MD4TEST); $(BUILD_CMD)
237
++	+@target=$(MD4TEST); $(BUILD_CMD)
238
+ 
239
+ $(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO)
240
+-	@target=$(MD5TEST); $(BUILD_CMD)
241
++	+@target=$(MD5TEST); $(BUILD_CMD)
242
+ 
243
+ $(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO)
244
+-	@target=$(HMACTEST); $(BUILD_CMD)
245
++	+@target=$(HMACTEST); $(BUILD_CMD)
246
+ 
247
+ $(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO)
248
+-	@target=$(WPTEST); $(BUILD_CMD)
249
++	+@target=$(WPTEST); $(BUILD_CMD)
250
+ 
251
+ $(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO)
252
+-	@target=$(RC2TEST); $(BUILD_CMD)
253
++	+@target=$(RC2TEST); $(BUILD_CMD)
254
+ 
255
+ $(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO)
256
+-	@target=$(BFTEST); $(BUILD_CMD)
257
++	+@target=$(BFTEST); $(BUILD_CMD)
258
+ 
259
+ $(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO)
260
+-	@target=$(CASTTEST); $(BUILD_CMD)
261
++	+@target=$(CASTTEST); $(BUILD_CMD)
262
+ 
263
+ $(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO)
264
+-	@target=$(RC4TEST); $(BUILD_CMD)
265
++	+@target=$(RC4TEST); $(BUILD_CMD)
266
+ 
267
+ $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO)
268
+-	@target=$(RC5TEST); $(BUILD_CMD)
269
++	+@target=$(RC5TEST); $(BUILD_CMD)
270
+ 
271
+ $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO)
272
+-	@target=$(DESTEST); $(BUILD_CMD)
273
++	+@target=$(DESTEST); $(BUILD_CMD)
274
+ 
275
+ $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO)
276
+-	@target=$(RANDTEST); $(BUILD_CMD)
277
++	+@target=$(RANDTEST); $(BUILD_CMD)
278
+ 
279
+ $(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO)
280
+-	@target=$(DHTEST); $(BUILD_CMD)
281
++	+@target=$(DHTEST); $(BUILD_CMD)
282
+ 
283
+ $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO)
284
+-	@target=$(DSATEST); $(BUILD_CMD)
285
++	+@target=$(DSATEST); $(BUILD_CMD)
286
+ 
287
+ $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO)
288
+-	@target=$(METHTEST); $(BUILD_CMD)
289
++	+@target=$(METHTEST); $(BUILD_CMD)
290
+ 
291
+ $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
292
+-	@target=$(SSLTEST); $(FIPS_BUILD_CMD)
293
++	+@target=$(SSLTEST); $(FIPS_BUILD_CMD)
294
+ 
295
+ $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO)
296
+-	@target=$(ENGINETEST); $(BUILD_CMD)
297
++	+@target=$(ENGINETEST); $(BUILD_CMD)
298
+ 
299
+ $(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO)
300
+-	@target=$(EVPTEST); $(BUILD_CMD)
301
++	+@target=$(EVPTEST); $(BUILD_CMD)
302
+ 
303
+ $(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO)
304
+-	@target=$(ECDSATEST); $(BUILD_CMD)
305
++	+@target=$(ECDSATEST); $(BUILD_CMD)
306
+ 
307
+ $(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO)
308
+-	@target=$(ECDHTEST); $(BUILD_CMD)
309
++	+@target=$(ECDHTEST); $(BUILD_CMD)
310
+ 
311
+ $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO)
312
+-	@target=$(IGETEST); $(BUILD_CMD)
313
++	+@target=$(IGETEST); $(BUILD_CMD)
314
+ 
315
+ $(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO)
316
+-	@target=$(JPAKETEST); $(BUILD_CMD)
317
++	+@target=$(JPAKETEST); $(BUILD_CMD)
318
+ 
319
+ $(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO)
320
+-	@target=$(ASN1TEST); $(BUILD_CMD)
321
++	+@target=$(ASN1TEST); $(BUILD_CMD)
322
+ 
323
+ $(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO)
324
+-	@target=$(SRPTEST); $(BUILD_CMD)
325
++	+@target=$(SRPTEST); $(BUILD_CMD)
326
+ 
327
+ #$(AESTEST).o: $(AESTEST).c
328
+ #	$(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c
329
+@@ -480,7 +480,7 @@
330
+ #	fi
331
+ 
332
+ dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO)
333
+-	@target=dummytest; $(BUILD_CMD)
334
++	+@target=dummytest; $(BUILD_CMD)
335
+ 
336
+ # DO NOT DELETE THIS LINE -- make depend depends on it.
337
+ 
338
+--- a/crypto/objects/Makefile
339
++++ b/crypto/objects/Makefile
340
+@@ -44,11 +44,11 @@ obj_dat.h: obj_dat.pl obj_mac.h
341
+ # objects.pl both reads and writes obj_mac.num
342
+ obj_mac.h: objects.pl objects.txt obj_mac.num
343
+ 	$(PERL) objects.pl objects.txt obj_mac.num obj_mac.h
344
+-	@sleep 1; touch obj_mac.h; sleep 1
345
+ 
346
+-obj_xref.h: objxref.pl obj_xref.txt obj_mac.num
347
++# This doesn't really need obj_mac.h, but since that rule reads & writes
348
++# obj_mac.num, we can't run in parallel with it.
349
++obj_xref.h: objxref.pl obj_xref.txt obj_mac.num obj_mac.h
350
+ 	$(PERL) objxref.pl obj_mac.num obj_xref.txt > obj_xref.h
351
+-	@sleep 1; touch obj_xref.h; sleep 1
352
+ 
353
+ files:
354
+ 	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
... ...
@@ -0,0 +1,79 @@
1
+http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?id=51bfed2e26fc13a66e8b5710aa2ce1d7a04af721
2
+
3
+UpstreamStatus: Pending
4
+
5
+Received from H J Liu @ Intel
6
+Make the assembly syntax compatible with x32 gcc. Othewise x32 gcc throws errors.
7
+Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com> 2011/07/13
8
+
9
+ported the patch to the 1.0.0e version
10
+Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com> 2011/12/01
11
+Index: openssl-1.0.0e/Configure
12
+===================================================================
13
+--- openssl-1.0.0e.orig/Configure
14
++++ openssl-1.0.0e/Configure
15
+@@ -393,6 +393,7 @@ my %table=(
16
+ "debug-linux-generic32","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
17
+ "debug-linux-generic64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
18
+ "debug-linux-x86_64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -DTERMIO -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
19
++"linux-x32",	"gcc:-DL_ENDIAN 	-DTERMIO -O2 -pipe -g -feliminate-unused-debug-types -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
20
+ "dist",		"cc:-O::(unknown)::::::",
21
+ 
22
+ # Basic configs that should work on any (32 and less bit) box
23
+Index: openssl-1.0.0e/crypto/bn/asm/x86_64-gcc.c
24
+===================================================================
25
+--- openssl-1.0.0e.orig/crypto/bn/asm/x86_64-gcc.c
26
++++ openssl-1.0.0e/crypto/bn/asm/x86_64-gcc.c
27
+@@ -55,7 +55,7 @@
28
+  *    machine.
29
+  */
30
+ 
31
+-#ifdef _WIN64
32
++#if defined _WIN64 || !defined __LP64__
33
+ #define BN_ULONG unsigned long long
34
+ #else
35
+ #define BN_ULONG unsigned long
36
+@@ -192,9 +192,9 @@ BN_ULONG bn_add_words (BN_ULONG *rp, con
37
+ 	asm (
38
+ 	"	subq	%2,%2		\n"
39
+ 	".p2align 4			\n"
40
+-	"1:	movq	(%4,%2,8),%0	\n"
41
+-	"	adcq	(%5,%2,8),%0	\n"
42
+-	"	movq	%0,(%3,%2,8)	\n"
43
++	"1:	movq	(%q4,%2,8),%0	\n"
44
++	"	adcq	(%q5,%2,8),%0	\n"
45
++	"	movq	%0,(%q3,%2,8)	\n"
46
+ 	"	leaq	1(%2),%2	\n"
47
+ 	"	loop	1b		\n"
48
+ 	"	sbbq	%0,%0		\n"
49
+@@ -215,9 +215,9 @@ BN_ULONG bn_sub_words (BN_ULONG *rp, con
50
+ 	asm (
51
+ 	"	subq	%2,%2		\n"
52
+ 	".p2align 4			\n"
53
+-	"1:	movq	(%4,%2,8),%0	\n"
54
+-	"	sbbq	(%5,%2,8),%0	\n"
55
+-	"	movq	%0,(%3,%2,8)	\n"
56
++	"1:	movq	(%q4,%2,8),%0	\n"
57
++	"	sbbq	(%q5,%2,8),%0	\n"
58
++	"	movq	%0,(%q3,%2,8)	\n"
59
+ 	"	leaq	1(%2),%2	\n"
60
+ 	"	loop	1b		\n"
61
+ 	"	sbbq	%0,%0		\n"
62
+Index: openssl-1.0.0e/crypto/bn/bn.h
63
+===================================================================
64
+--- openssl-1.0.0e.orig/crypto/bn/bn.h
65
++++ openssl-1.0.0e/crypto/bn/bn.h
66
+@@ -172,6 +172,13 @@ extern "C" {
67
+ # endif
68
+ #endif
69
+ 
70
++/* Address type.  */
71
++#ifdef _WIN64
72
++#define BN_ADDR unsigned long long
73
++#else
74
++#define BN_ADDR unsigned long
75
++#endif
76
++
77
+ /* assuming long is 64bit - this is the DEC Alpha
78
+  * unsigned long long is only 64 bits :-(, don't define
79
+  * BN_LLONG for the DEC Alpha */
... ...
@@ -0,0 +1,18 @@
1
+https://bugs.gentoo.org/472584
2
+http://rt.openssl.org/Ticket/Display.html?id=2387&user=guest&pass=guest
3
+
4
+fix verification handling in s_client.  when loading paths, make sure
5
+we properly fallback to setting the default paths.
6
+
7
+--- a/apps/s_client.c
8
++++ b/apps/s_client.c
9
+@@ -899,7 +899,7 @@
10
+ 	if (!set_cert_key_stuff(ctx,cert,key))
11
+ 		goto end;
12
+ 
13
+-	if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
14
++	if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) &&
15
+ 		(!SSL_CTX_set_default_verify_paths(ctx)))
16
+ 		{
17
+ 		/* BIO_printf(bio_err,"error setting default verify locations\n"); */
18
+
... ...
@@ -0,0 +1,84 @@
1
+https://bugs.gentoo.org/499086
2
+https://rt.openssl.org/Ticket/Display.html?id=3333&user=guest&pass=guest
3
+
4
+when gcc is given a .s file and told to preprocess it, it outputs nothing
5
+
6
+From a2976461784ce463fc7f336cd0dce607d21c2fad Mon Sep 17 00:00:00 2001
7
+From: Mike Frysinger <vapier@gentoo.org>
8
+Date: Sat, 25 Jan 2014 05:44:47 -0500
9
+Subject: [PATCH] Revert "Make Makefiles OSF-make-friendly."
10
+
11
+This reverts commit d1cf23ac86c05b22b8780e2c03b67230564d2d34.
12
+---
13
+ crypto/Makefile       | 4 +---
14
+ crypto/bn/Makefile    | 4 +---
15
+ crypto/evp/Makefile   | 2 +-
16
+ crypto/modes/Makefile | 5 +----
17
+ crypto/sha/Makefile   | 4 +---
18
+ util/shlib_wrap.sh    | 6 +-----
19
+ 6 files changed, 6 insertions(+), 19 deletions(-)
20
+
21
+diff --git a/crypto/Makefile b/crypto/Makefile
22
+index b253f50..1de9d5f 100644
23
+--- a/crypto/Makefile
24
++++ b/crypto/Makefile
25
+@@ -86,9 +86,7 @@ ia64cpuid.s:	ia64cpuid.S;	$(CC) $(CFLAGS) -E ia64cpuid.S > $@
26
+ ppccpuid.s:	ppccpuid.pl;	$(PERL) ppccpuid.pl $(PERLASM_SCHEME) $@
27
+ pariscid.s:	pariscid.pl;	$(PERL) pariscid.pl $(PERLASM_SCHEME) $@
28
+ alphacpuid.s:	alphacpuid.pl
29
+-	(preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
30
+-	$(PERL) alphacpuid.pl > $$preproc && \
31
+-	$(CC) -E $$preproc > $@ && rm $$preproc)
32
++	$(PERL) $< | $(CC) -E - | tee $@ > /dev/null
33
+ 
34
+ subdirs:
35
+ 	@target=all; $(RECURSIVE_MAKE)
36
+diff --git a/crypto/bn/Makefile b/crypto/bn/Makefile
37
+index b62b676..6c03363 100644
38
+--- a/crypto/bn/Makefile
39
++++ b/crypto/bn/Makefile
40
+@@ -136,9 +136,7 @@ ppc-mont.s:	asm/ppc-mont.pl;$(PERL) asm/ppc-mont.pl $(PERLASM_SCHEME) $@
41
+ ppc64-mont.s:	asm/ppc64-mont.pl;$(PERL) asm/ppc64-mont.pl $(PERLASM_SCHEME) $@
42
+ 
43
+ alpha-mont.s:	asm/alpha-mont.pl
44
+-	(preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
45
+-	$(PERL) asm/alpha-mont.pl > $$preproc && \
46
+-	$(CC) -E $$preproc > $@ && rm $$preproc)
47
++	$(PERL) $< | $(CC) -E - | tee $@ > /dev/null
48
+ 
49
+ # GNU make "catch all"
50
+ %-mont.S:	asm/%-mont.pl;	$(PERL) $< $(PERLASM_SCHEME) $@
51
+diff --git a/crypto/modes/Makefile b/crypto/modes/Makefile
52
+index ce0dcd6..88ac65e 100644
53
+--- a/crypto/modes/Makefile
54
++++ b/crypto/modes/Makefile
55
+@@ -55,10 +55,7 @@ aesni-gcm-x86_64.s:	asm/aesni-gcm-x86_64.pl
56
+ ghash-sparcv9.s:	asm/ghash-sparcv9.pl
57
+ 	$(PERL) asm/ghash-sparcv9.pl $@ $(CFLAGS)
58
+ ghash-alpha.s:	asm/ghash-alpha.pl
59
+-	(preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
60
+-	$(PERL) asm/ghash-alpha.pl > $$preproc && \
61
+-	$(CC) -E $$preproc > $@ && rm $$preproc)
62
+-
63
++	$(PERL) $< | $(CC) -E - | tee $@ > /dev/null
64
+ ghash-parisc.s:	asm/ghash-parisc.pl
65
+ 	$(PERL) asm/ghash-parisc.pl $(PERLASM_SCHEME) $@
66
+ 
67
+diff --git a/crypto/sha/Makefile b/crypto/sha/Makefile
68
+index 64eab6c..63fba69 100644
69
+--- a/crypto/sha/Makefile
70
++++ b/crypto/sha/Makefile
71
+@@ -60,9 +60,7 @@ sha256-armv4.S: asm/sha256-armv4.pl
72
+ 	$(PERL) $< $(PERLASM_SCHEME) $@
73
+ 
74
+ sha1-alpha.s:	asm/sha1-alpha.pl
75
+-	(preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
76
+-	$(PERL) asm/sha1-alpha.pl > $$preproc && \
77
+-	$(CC) -E $$preproc > $@ && rm $$preproc)
78
++	$(PERL) $< | $(CC) -E - | tee $@ > /dev/null
79
+ 
80
+ # Solaris make has to be explicitly told
81
+ sha1-x86_64.s:	asm/sha1-x86_64.pl;	$(PERL) asm/sha1-x86_64.pl $(PERLASM_SCHEME) > $@
82
+-- 
83
+1.8.5.3
84
+
... ...
@@ -0,0 +1,642 @@
1
+http://rt.openssl.org/Ticket/Display.html?id=2051&user=guest&pass=guest
2
+
3
+Forward ported from openssl-1.0.1e-ipv6.patch
4
+
5
+Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
6
+
7
+--- openssl-1.0.1h/apps/s_apps.h
8
++++ openssl-1.0.1h/apps/s_apps.h
9
+@@ -148,7 +148,7 @@
10
+ #define PORT_STR        "4433"
11
+ #define PROTOCOL        "tcp"
12
+ 
13
+-int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context);
14
++int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context, int use_ipv4, int use_ipv6);
15
+ #ifdef HEADER_X509_H
16
+ int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
17
+ #endif
18
+@@ -156,7 +156,7 @@
19
+ int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file);
20
+ int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key);
21
+ #endif
22
+-int init_client(int *sock, char *server, int port, int type);
23
++int init_client(int *sock, char *server, int port, int type, int use_ipv4, int use_ipv6);
24
+ int should_retry(int i);
25
+ int extract_port(char *str, short *port_ptr);
26
+ int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p);
27
+--- openssl-1.0.1h/apps/s_client.c
28
++++ openssl-1.0.1h/apps/s_client.c
29
+@@ -285,6 +285,10 @@
30
+ 	{
31
+ 	BIO_printf(bio_err,"usage: s_client args\n");
32
+ 	BIO_printf(bio_err,"\n");
33
++	BIO_printf(bio_err," -4             - use IPv4 only\n");
34
++#if OPENSSL_USE_IPV6
35
++	BIO_printf(bio_err," -6             - use IPv6 only\n");
36
++#endif
37
+ 	BIO_printf(bio_err," -host host     - use -connect instead\n");
38
+ 	BIO_printf(bio_err," -port port     - use -connect instead\n");
39
+ 	BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR);
40
+@@ -568,6 +572,7 @@
41
+ 	int sbuf_len,sbuf_off;
42
+ 	fd_set readfds,writefds;
43
+ 	short port=PORT;
44
++	int use_ipv4, use_ipv6;
45
+ 	int full_log=1;
46
+ 	char *host=SSL_HOST_NAME;
47
+ 	char *cert_file=NULL,*key_file=NULL;
48
+@@ -613,7 +618,11 @@
49
+ #endif
50
+ 	char *sess_in = NULL;
51
+ 	char *sess_out = NULL;
52
+-	struct sockaddr peer;
53
++#if OPENSSL_USE_IPV6
54
++	struct sockaddr_storage peer;
55
++#else
56
++	struct sockaddr_in peer;
57
++#endif
58
+ 	int peerlen = sizeof(peer);
59
+ 	int enable_timeouts = 0 ;
60
+ 	long socket_mtu = 0;
61
+@@ -628,6 +637,12 @@
62
+ 
63
+ 	meth=SSLv23_client_method();
64
+ 
65
++	use_ipv4 = 1;
66
++#if OPENSSL_USE_IPV6
67
++	use_ipv6 = 1;
68
++#else
69
++	use_ipv6 = 0;
70
++#endif
71
+ 	apps_startup();
72
+ 	c_Pause=0;
73
+ 	c_quiet=0;
74
+@@ -949,6 +964,18 @@
75
+ 			jpake_secret = *++argv;
76
+ 			}
77
+ #endif
78
++		else if (strcmp(*argv,"-4") == 0)
79
++			{
80
++			use_ipv4 = 1;
81
++			use_ipv6 = 0;
82
++			}
83
++#if OPENSSL_USE_IPV6
84
++		else if (strcmp(*argv,"-6") == 0)
85
++			{
86
++			use_ipv4 = 0;
87
++			use_ipv6 = 1;
88
++			}
89
++#endif
90
+ #ifndef OPENSSL_NO_SRTP
91
+ 		else if (strcmp(*argv,"-use_srtp") == 0)
92
+ 			{
93
+@@ -1260,7 +1287,7 @@
94
+ 
95
+ re_start:
96
+ 
97
+-	if (init_client(&s,host,port,socket_type) == 0)
98
++	if (init_client(&s,host,port,socket_type,use_ipv4,use_ipv6) == 0)
99
+ 		{
100
+ 		BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error());
101
+ 		SHUTDOWN(s);
102
+@@ -1286,7 +1313,7 @@
103
+ 		{
104
+ 
105
+ 		sbio=BIO_new_dgram(s,BIO_NOCLOSE);
106
+-		if (getsockname(s, &peer, (void *)&peerlen) < 0)
107
++		if (getsockname(s, (struct sockaddr *)&peer, (void *)&peerlen) < 0)
108
+ 			{
109
+ 			BIO_printf(bio_err, "getsockname:errno=%d\n",
110
+ 				get_last_socket_error());
111
+--- openssl-1.0.1h/apps/s_server.c
112
++++ openssl-1.0.1h/apps/s_server.c
113
+@@ -560,6 +560,10 @@
114
+         BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n");
115
+ # endif
116
+ #endif
117
++	BIO_printf(bio_err," -4            - use IPv4 only\n");
118
++#if OPENSSL_USE_IPV6
119
++	BIO_printf(bio_err," -6            - use IPv6 only\n");
120
++#endif
121
+ 	BIO_printf(bio_err," -keymatexport label   - Export keying material using label\n");
122
+ 	BIO_printf(bio_err," -keymatexportlen len  - Export len bytes of keying material (default 20)\n");
123
+ 	}
124
+@@ -947,6 +951,7 @@
125
+ 	int state=0;
126
+ 	const SSL_METHOD *meth=NULL;
127
+ 	int socket_type=SOCK_STREAM;
128
++	int use_ipv4, use_ipv6;
129
+ 	ENGINE *e=NULL;
130
+ 	char *inrand=NULL;
131
+ 	int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM;
132
+@@ -975,6 +980,12 @@
133
+ #endif
134
+ 	meth=SSLv23_server_method();
135
+ 
136
++	use_ipv4 = 1;
137
++#if OPENSSL_USE_IPV6
138
++	use_ipv6 = 1;
139
++#else
140
++	use_ipv6 = 0;
141
++#endif
142
+ 	local_argc=argc;
143
+ 	local_argv=argv;
144
+ 
145
+@@ -1323,6 +1334,18 @@
146
+ 			jpake_secret = *(++argv);
147
+ 			}
148
+ #endif
149
++		else if (strcmp(*argv,"-4") == 0)
150
++			{
151
++			use_ipv4 = 1;
152
++			use_ipv6 = 0;
153
++			}
154
++#if OPENSSL_USE_IPV6
155
++		else if (strcmp(*argv,"-6") == 0)
156
++			{
157
++			use_ipv4 = 0;
158
++			use_ipv6 = 1;
159
++			}
160
++#endif
161
+ #ifndef OPENSSL_NO_SRTP
162
+ 		else if (strcmp(*argv,"-use_srtp") == 0)
163
+ 			{
164
+@@ -1881,9 +1904,9 @@
165
+ 	BIO_printf(bio_s_out,"ACCEPT\n");
166
+ 	(void)BIO_flush(bio_s_out);
167
+ 	if (www)
168
+-		do_server(port,socket_type,&accept_socket,www_body, context);
169
++		do_server(port,socket_type,&accept_socket,www_body, context, use_ipv4, use_ipv6);
170
+ 	else
171
+-		do_server(port,socket_type,&accept_socket,sv_body, context);
172
++		do_server(port,socket_type,&accept_socket,sv_body, context, use_ipv4, use_ipv6);
173
+ 	print_stats(bio_s_out,ctx);
174
+ 	ret=0;
175
+ end:
176
+--- openssl-1.0.1h/apps/s_socket.c
177
++++ openssl-1.0.1h/apps/s_socket.c
178
+@@ -97,16 +97,16 @@
179
+ #include "netdb.h"
180
+ #endif
181
+ 
182
+-static struct hostent *GetHostByName(char *name);
183
++static struct hostent *GetHostByName(char *name, int domain);
184
+ #if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
185
+ static void ssl_sock_cleanup(void);
186
+ #endif
187
+ static int ssl_sock_init(void);
188
+-static int init_client_ip(int *sock,unsigned char ip[4], int port, int type);
189
+-static int init_server(int *sock, int port, int type);
190
+-static int init_server_long(int *sock, int port,char *ip, int type);
191
++static int init_client_ip(int *sock,unsigned char *ip, int port, int type, int domain);
192
++static int init_server(int *sock, int port, int type, int use_ipv4, int use_ipv6);
193
++static int init_server_long(int *sock, int port,char *ip, int type, int use_ipv4, int use_ipv6);
194
+ static int do_accept(int acc_sock, int *sock, char **host);
195
+-static int host_ip(char *str, unsigned char ip[4]);
196
++static int host_ip(char *str, unsigned char *ip, int domain);
197
+ 
198
+ #ifdef OPENSSL_SYS_WIN16
199
+ #define SOCKET_PROTOCOL	0 /* more microsoft stupidity */
200
+@@ -234,38 +234,68 @@
201
+ 	return(1);
202
+ 	}
203
+ 
204
+-int init_client(int *sock, char *host, int port, int type)
205
++int init_client(int *sock, char *host, int port, int type, int use_ipv4, int use_ipv6)
206
+ 	{
207
++#if OPENSSL_USE_IPV6
208
++	unsigned char ip[16];
209
++#else
210
+ 	unsigned char ip[4];
211
++#endif
212
+ 
213
+-	memset(ip, '\0', sizeof ip);
214
+-	if (!host_ip(host,&(ip[0])))
215
+-		return 0;
216
+-	return init_client_ip(sock,ip,port,type);
217
+-	}
218
+-
219
+-static int init_client_ip(int *sock, unsigned char ip[4], int port, int type)
220
+-	{
221
+-	unsigned long addr;
222
++	if (use_ipv4)
223
++		if (host_ip(host,ip,AF_INET))
224
++			return(init_client_ip(sock,ip,port,type,AF_INET));
225
++#if OPENSSL_USE_IPV6
226
++	if (use_ipv6)
227
++		if (host_ip(host,ip,AF_INET6))
228
++			return(init_client_ip(sock,ip,port,type,AF_INET6));
229
++#endif
230
++	return 0;
231
++	}
232
++
233
++static int init_client_ip(int *sock, unsigned char ip[4], int port, int type, int domain)
234
++	{
235
++#if OPENSSL_USE_IPV6
236
++	struct sockaddr_storage them;
237
++	struct sockaddr_in *them_in = (struct sockaddr_in *)&them;
238
++	struct sockaddr_in6 *them_in6 = (struct sockaddr_in6 *)&them;
239
++#else
240
+ 	struct sockaddr_in them;
241
++	struct sockaddr_in *them_in = &them;
242
++#endif
243
++	socklen_t addr_len;
244
+ 	int s,i;
245
+ 
246
+ 	if (!ssl_sock_init()) return(0);
247
+ 
248
+ 	memset((char *)&them,0,sizeof(them));
249
+-	them.sin_family=AF_INET;
250
+-	them.sin_port=htons((unsigned short)port);
251
+-	addr=(unsigned long)
252
+-		((unsigned long)ip[0]<<24L)|
253
+-		((unsigned long)ip[1]<<16L)|
254
+-		((unsigned long)ip[2]<< 8L)|
255
+-		((unsigned long)ip[3]);
256
+-	them.sin_addr.s_addr=htonl(addr);
257
++	if (domain == AF_INET)
258
++		{
259
++		addr_len = (socklen_t)sizeof(struct sockaddr_in);
260
++		them_in->sin_family=AF_INET;
261
++		them_in->sin_port=htons((unsigned short)port);
262
++#ifndef BIT_FIELD_LIMITS
263
++		memcpy(&them_in->sin_addr.s_addr, ip, 4);
264
++#else
265
++		memcpy(&them_in->sin_addr, ip, 4);
266
++#endif
267
++		}
268
++	else
269
++#if OPENSSL_USE_IPV6
270
++		{
271
++		addr_len = (socklen_t)sizeof(struct sockaddr_in6);
272
++		them_in6->sin6_family=AF_INET6;
273
++		them_in6->sin6_port=htons((unsigned short)port);
274
++		memcpy(&(them_in6->sin6_addr), ip, sizeof(struct in6_addr));
275
++		}
276
++#else
277
++		return(0);
278
++#endif
279
+ 
280
+ 	if (type == SOCK_STREAM)
281
+-		s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
282
++		s=socket(domain,SOCK_STREAM,SOCKET_PROTOCOL);
283
+ 	else /* ( type == SOCK_DGRAM) */
284
+-		s=socket(AF_INET,SOCK_DGRAM,IPPROTO_UDP);
285
++		s=socket(domain,SOCK_DGRAM,IPPROTO_UDP);
286
+ 			
287
+ 	if (s == INVALID_SOCKET) { perror("socket"); return(0); }
288
+ 
289
+@@ -277,29 +307,27 @@
290
+ 		if (i < 0) { closesocket(s); perror("keepalive"); return(0); }
291
+ 		}
292
+ #endif
293
+-
294
+-	if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1)
295
++	if (connect(s,(struct sockaddr *)&them,addr_len) == -1)
296
+ 		{ closesocket(s); perror("connect"); return(0); }
297
+ 	*sock=s;
298
+ 	return(1);
299
+ 	}
300
+ 
301
+-int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context)
302
++int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context, int use_ipv4, int use_ipv6)
303
+ 	{
304
+ 	int sock;
305
+ 	char *name = NULL;
306
+ 	int accept_socket = 0;
307
+ 	int i;
308
+ 
309
+-	if (!init_server(&accept_socket,port,type)) return(0);
310
+-
311
++	if (!init_server(&accept_socket,port,type, use_ipv4, use_ipv6)) return(0);
312
+ 	if (ret != NULL)
313
+ 		{
314
+ 		*ret=accept_socket;
315
+ 		/* return(1);*/
316
+ 		}
317
+-  	for (;;)
318
+-  		{
319
++	for (;;)
320
++		{
321
+ 		if (type==SOCK_STREAM)
322
+ 			{
323
+ 			if (do_accept(accept_socket,&sock,&name) == 0)
324
+@@ -322,41 +350,88 @@
325
+ 		}
326
+ 	}
327
+ 
328
+-static int init_server_long(int *sock, int port, char *ip, int type)
329
++static int init_server_long(int *sock, int port, char *ip, int type, int use_ipv4, int use_ipv6)
330
+ 	{
331
+ 	int ret=0;
332
++	int domain;
333
++#if OPENSSL_USE_IPV6
334
++	struct sockaddr_storage server;
335
++	struct sockaddr_in *server_in = (struct sockaddr_in *)&server;
336
++	struct sockaddr_in6 *server_in6 = (struct sockaddr_in6 *)&server;
337
++#else
338
+ 	struct sockaddr_in server;
339
++	struct sockaddr_in *server_in = &server;
340
++#endif
341
++	socklen_t addr_len;
342
+ 	int s= -1;
343
+ 
344
++	if (!use_ipv4 && !use_ipv6)
345
++		goto err;
346
++#if OPENSSL_USE_IPV6
347
++	/* we are fine here */
348
++#else
349
++	if (use_ipv6)
350
++		goto err;
351
++#endif
352
+ 	if (!ssl_sock_init()) return(0);
353
+ 
354
+-	memset((char *)&server,0,sizeof(server));
355
+-	server.sin_family=AF_INET;
356
+-	server.sin_port=htons((unsigned short)port);
357
+-	if (ip == NULL)
358
+-		server.sin_addr.s_addr=INADDR_ANY;
359
+-	else
360
+-/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */
361
+-#ifndef BIT_FIELD_LIMITS
362
+-		memcpy(&server.sin_addr.s_addr,ip,4);
363
++#if OPENSSL_USE_IPV6
364
++	domain = use_ipv6 ? AF_INET6 : AF_INET;
365
+ #else
366
+-		memcpy(&server.sin_addr,ip,4);
367
++	domain = AF_INET;
368
+ #endif
369
+-	
370
+-		if (type == SOCK_STREAM)
371
+-			s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
372
+-		else /* type == SOCK_DGRAM */
373
+-			s=socket(AF_INET, SOCK_DGRAM,IPPROTO_UDP);
374
++	if (type == SOCK_STREAM)
375
++		s=socket(domain,SOCK_STREAM,SOCKET_PROTOCOL);
376
++	else /* type == SOCK_DGRAM */
377
++		s=socket(domain, SOCK_DGRAM,IPPROTO_UDP);
378
+ 
379
+ 	if (s == INVALID_SOCKET) goto err;
380
+ #if defined SOL_SOCKET && defined SO_REUSEADDR
381
++	{
382
++	int j = 1;
383
++	setsockopt(s, SOL_SOCKET, SO_REUSEADDR,
384
++		   (void *) &j, sizeof j);
385
++	}
386
++#endif
387
++#if OPENSSL_USE_IPV6
388
++	if ((use_ipv4 == 0) && (use_ipv6 == 1))
389
++		{
390
++		const int on = 1;
391
++
392
++		setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY,
393
++		           (const void *) &on, sizeof(int));
394
++		}
395
++#endif
396
++	if (domain == AF_INET)
397
++		{
398
++		addr_len = (socklen_t)sizeof(struct sockaddr_in);
399
++		memset(server_in, 0, sizeof(struct sockaddr_in));
400
++		server_in->sin_family=AF_INET;
401
++		server_in->sin_port = htons((unsigned short)port);
402
++		if (ip == NULL)
403
++			server_in->sin_addr.s_addr = htonl(INADDR_ANY);
404
++		else
405
++/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */
406
++#ifndef BIT_FIELD_LIMITS
407
++			memcpy(&server_in->sin_addr.s_addr, ip, 4);
408
++#else
409
++			memcpy(&server_in->sin_addr, ip, 4);
410
++#endif
411
++		}
412
++#if OPENSSL_USE_IPV6
413
++	else
414
+ 		{
415
+-		int j = 1;
416
+-		setsockopt(s, SOL_SOCKET, SO_REUSEADDR,
417
+-			   (void *) &j, sizeof j);
418
++		addr_len = (socklen_t)sizeof(struct sockaddr_in6);
419
++		memset(server_in6, 0, sizeof(struct sockaddr_in6));
420
++		server_in6->sin6_family = AF_INET6;
421
++		server_in6->sin6_port = htons((unsigned short)port);
422
++		if (ip == NULL)
423
++			server_in6->sin6_addr = in6addr_any;
424
++		else
425
++			memcpy(&server_in6->sin6_addr, ip, sizeof(struct in6_addr));
426
+ 		}
427
+ #endif
428
+-	if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1)
429
++	if (bind(s, (struct sockaddr *)&server, addr_len) == -1)
430
+ 		{
431
+ #ifndef OPENSSL_SYS_WINDOWS
432
+ 		perror("bind");
433
+@@ -375,16 +450,23 @@
434
+ 	return(ret);
435
+ 	}
436
+ 
437
+-static int init_server(int *sock, int port, int type)
438
++static int init_server(int *sock, int port, int type, int use_ipv4, int use_ipv6)
439
+ 	{
440
+-	return(init_server_long(sock, port, NULL, type));
441
++	return(init_server_long(sock, port, NULL, type, use_ipv4, use_ipv6));
442
+ 	}
443
+ 
444
+ static int do_accept(int acc_sock, int *sock, char **host)
445
+ 	{
446
+ 	int ret;
447
+ 	struct hostent *h1,*h2;
448
+-	static struct sockaddr_in from;
449
++#if OPENSSL_USE_IPV6
450
++	struct sockaddr_storage from;
451
++	struct sockaddr_in *from_in = (struct sockaddr_in *)&from;
452
++	struct sockaddr_in6 *from_in6 = (struct sockaddr_in6 *)&from;
453
++#else
454
++	struct sockaddr_in from;
455
++	struct sockaddr_in *from_in = &from;
456
++#endif
457
+ 	int len;
458
+ /*	struct linger ling; */
459
+ 
460
+@@ -431,13 +513,23 @@
461
+ */
462
+ 
463
+ 	if (host == NULL) goto end;
464
++#if OPENSSL_USE_IPV6
465
++	if (from.ss_family == AF_INET)
466
++#else
467
++	if (from.sin_family == AF_INET)
468
++#endif
469
+ #ifndef BIT_FIELD_LIMITS
470
+-	/* I should use WSAAsyncGetHostByName() under windows */
471
+-	h1=gethostbyaddr((char *)&from.sin_addr.s_addr,
472
+-		sizeof(from.sin_addr.s_addr),AF_INET);
473
++		/* I should use WSAAsyncGetHostByName() under windows */
474
++		h1=gethostbyaddr((char *)&from_in->sin_addr.s_addr,
475
++		                 sizeof(from_in->sin_addr.s_addr), AF_INET);
476
+ #else
477
+-	h1=gethostbyaddr((char *)&from.sin_addr,
478
+-		sizeof(struct in_addr),AF_INET);
479
++		h1=gethostbyaddr((char *)&from_in->sin_addr,
480
++		                 sizeof(struct in_addr), AF_INET);
481
++#endif
482
++#if OPENSSL_USE_IPV6
483
++	else
484
++		h1=gethostbyaddr((char *)&from_in6->sin6_addr,
485
++		                 sizeof(struct in6_addr), AF_INET6);
486
+ #endif
487
+ 	if (h1 == NULL)
488
+ 		{
489
+@@ -455,16 +547,25 @@
490
+ 			}
491
+ 		BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1);
492
+ 
493
+-		h2=GetHostByName(*host);
494
++#if OPENSSL_USE_IPV6		
495
++		h2=GetHostByName(*host, from.ss_family);
496
++#else
497
++		h2=GetHostByName(*host, from.sin_family);
498
++#endif
499
++
500
+ 		if (h2 == NULL)
501
+ 			{
502
+ 			BIO_printf(bio_err,"gethostbyname failure\n");
503
+ 			closesocket(ret);
504
+ 			return(0);
505
+ 			}
506
+-		if (h2->h_addrtype != AF_INET)
507
++#if OPENSSL_USE_IPV6
508
++		if (h2->h_addrtype != from.ss_family)
509
++#else
510
++		if (h2->h_addrtype != from.sin_family)
511
++#endif
512
+ 			{
513
+-			BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
514
++			BIO_printf(bio_err,"gethostbyname addr address is not correct\n");
515
+ 			closesocket(ret);
516
+ 			return(0);
517
+ 			}
518
+@@ -480,7 +581,7 @@
519
+ 	char *h,*p;
520
+ 
521
+ 	h=str;
522
+-	p=strchr(str,':');
523
++	p=strrchr(str,':');
524
+ 	if (p == NULL)
525
+ 		{
526
+ 		BIO_printf(bio_err,"no port defined\n");
527
+@@ -488,7 +589,7 @@
528
+ 		}
529
+ 	*(p++)='\0';
530
+ 
531
+-	if ((ip != NULL) && !host_ip(str,ip))
532
++	if ((ip != NULL) && !host_ip(str,ip,AF_INET))
533
+ 		goto err;
534
+ 	if (host_ptr != NULL) *host_ptr=h;
535
+ 
536
+@@ -499,48 +600,58 @@
537
+ 	return(0);
538
+ 	}
539
+ 
540
+-static int host_ip(char *str, unsigned char ip[4])
541
++static int host_ip(char *str, unsigned char *ip, int domain)
542
+ 	{
543
+-	unsigned int in[4]; 
544
++	unsigned int in[4];
545
++	unsigned long l;
546
+ 	int i;
547
+ 
548
+-	if (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4)
549
++	if ((domain == AF_INET) &&
550
++	    (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4))
551
+ 		{
552
++		
553
+ 		for (i=0; i<4; i++)
554
+ 			if (in[i] > 255)
555
+ 				{
556
+ 				BIO_printf(bio_err,"invalid IP address\n");
557
+ 				goto err;
558
+ 				}
559
+-		ip[0]=in[0];
560
+-		ip[1]=in[1];
561
+-		ip[2]=in[2];
562
+-		ip[3]=in[3];
563
+-		}
564
++		l=htonl((in[0]<<24L)|(in[1]<<16L)|(in[2]<<8L)|in[3]);
565
++		memcpy(ip, &l, 4);
566
++		return 1;
567
++		}
568
++#if OPENSSL_USE_IPV6
569
++	else if ((domain == AF_INET6) &&
570
++	         (inet_pton(AF_INET6, str, ip) == 1))
571
++	         return 1;
572
++#endif
573
+ 	else
574
+ 		{ /* do a gethostbyname */
575
+ 		struct hostent *he;
576
+ 
577
+ 		if (!ssl_sock_init()) return(0);
578
+ 
579
+-		he=GetHostByName(str);
580
++		he=GetHostByName(str,domain);
581
+ 		if (he == NULL)
582
+ 			{
583
+ 			BIO_printf(bio_err,"gethostbyname failure\n");
584
+ 			goto err;
585
+ 			}
586
+ 		/* cast to short because of win16 winsock definition */
587
+-		if ((short)he->h_addrtype != AF_INET)
588
++		if ((short)he->h_addrtype != domain)
589
+ 			{
590
+-			BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
591
++			BIO_printf(bio_err,"gethostbyname addr family is not correct\n");
592
+ 			return(0);
593
+ 			}
594
+-		ip[0]=he->h_addr_list[0][0];
595
+-		ip[1]=he->h_addr_list[0][1];
596
+-		ip[2]=he->h_addr_list[0][2];
597
+-		ip[3]=he->h_addr_list[0][3];
598
++		if (domain == AF_INET)
599
++			memset(ip, 0, 4);
600
++#if OPENSSL_USE_IPV6
601
++		else
602
++			memset(ip, 0, 16);
603
++#endif
604
++		memcpy(ip, he->h_addr_list[0], he->h_length);
605
++		return 1;
606
+ 		}
607
+-	return(1);
608
+ err:
609
+ 	return(0);
610
+ 	}
611
+@@ -577,7 +688,7 @@
612
+ static unsigned long ghbn_hits=0L;
613
+ static unsigned long ghbn_miss=0L;
614
+ 
615
+-static struct hostent *GetHostByName(char *name)
616
++static struct hostent *GetHostByName(char *name, int domain)
617
+ 	{
618
+ 	struct hostent *ret;
619
+ 	int i,lowi=0;
620
+@@ -592,14 +703,20 @@
621
+ 			}
622
+ 		if (ghbn_cache[i].order > 0)
623
+ 			{
624
+-			if (strncmp(name,ghbn_cache[i].name,128) == 0)
625
++			if ((strncmp(name,ghbn_cache[i].name,128) == 0) &&
626
++			    (ghbn_cache[i].ent.h_addrtype == domain))
627
+ 				break;
628
+ 			}
629
+ 		}
630
+ 	if (i == GHBN_NUM) /* no hit*/
631
+ 		{
632
+ 		ghbn_miss++;
633
+-		ret=gethostbyname(name);
634
++		if (domain == AF_INET)
635
++			ret=gethostbyname(name);
636
++#if OPENSSL_USE_IPV6
637
++		else
638
++			ret=gethostbyname2(name, AF_INET6);
639
++#endif
640
+ 		if (ret == NULL) return(NULL);
641
+ 		/* else add to cache */
642
+ 		if(strlen(name) < sizeof ghbn_cache[0].name)
... ...
@@ -0,0 +1,259 @@
1
+# Copyright 1999-2014 Gentoo Foundation
2
+# Distributed under the terms of the GNU General Public License v2
3
+# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1i.ebuild,v 1.12 2014/09/19 10:34:21 ago Exp $
4
+
5
+EAPI="4"
6
+
7
+inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal
8
+
9
+REV="1.7"
10
+DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)"
11
+HOMEPAGE="http://www.openssl.org/"
12
+SRC_URI="mirror://openssl/source/${P}.tar.gz
13
+	http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}"
14
+
15
+LICENSE="openssl"
16
+SLOT="0"
17
+KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux"
18
+IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test +tls-heartbeat vanilla zlib -ssl3"
19
+
20
+# The blocks are temporary just to make sure people upgrade to a
21
+# version that lack runtime version checking.  We'll drop them in
22
+# the future.
23
+RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
24
+	zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
25
+	kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] )
26
+	abi_x86_32? (
27
+		!<=app-emulation/emul-linux-x86-baselibs-20140406-r3
28
+		!app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
29
+	)
30
+	!<net-misc/openssh-5.9_p1-r4
31
+	!<net-libs/neon-0.29.6-r1"
32
+DEPEND="${RDEPEND}
33
+	sys-apps/diffutils
34
+	>=dev-lang/perl-5
35
+	test? ( sys-devel/bc )"
36
+PDEPEND="app-misc/ca-certificates"
37
+
38
+src_unpack() {
39
+	unpack ${P}.tar.gz
40
+	SSL_CNF_DIR="/etc/ssl"
41
+	sed \
42
+		-e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \
43
+		-e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \
44
+		"${DISTDIR}"/${PN}-c_rehash.sh.${REV} \
45
+		> "${WORKDIR}"/c_rehash || die #416717
46
+}
47
+
48
+MULTILIB_WRAPPED_HEADERS=(
49
+	usr/include/openssl/opensslconf.h
50
+)
51
+
52
+src_prepare() {
53
+	# Make sure we only ever touch Makefile.org and avoid patching a file
54
+	# that gets blown away anyways by the Configure script in src_configure
55
+	rm -f Makefile
56
+
57
+	if ! use vanilla ; then
58
+		epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421
59
+		epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743
60
+		epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch
61
+		epatch "${FILESDIR}"/${PN}-1.0.1-parallel-build.patch
62
+		epatch "${FILESDIR}"/${PN}-1.0.1-x32.patch
63
+		epatch "${FILESDIR}"/${PN}-1.0.1h-ipv6.patch
64
+		epatch "${FILESDIR}"/${PN}-1.0.1e-s_client-verify.patch #472584
65
+		epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086
66
+		epatch_user #332661
67
+	fi
68
+
69
+	# disable fips in the build
70
+	# make sure the man pages are suffixed #302165
71
+	# don't bother building man pages if they're disabled
72
+	sed -i \
73
+		-e '/DIRS/s: fips : :g' \
74
+		-e '/^MANSUFFIX/s:=.*:=ssl:' \
75
+		-e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
76
+		-e $(has noman FEATURES \
77
+			&& echo '/^install:/s:install_docs::' \
78
+			|| echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \
79
+		Makefile.org \
80
+		|| die
81
+	# show the actual commands in the log
82
+	sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
83
+
84
+	# since we're forcing $(CC) as makedep anyway, just fix
85
+	# the conditional as always-on
86
+	# helps clang (#417795), and versioned gcc (#499818)
87
+	sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die
88
+
89
+	# quiet out unknown driver argument warnings since openssl
90
+	# doesn't have well-split CFLAGS and we're making it even worse
91
+	# and 'make depend' uses -Werror for added fun (#417795 again)
92
+	[[ ${CC} == *clang* ]] && append-flags -Qunused-arguments
93
+
94
+	# allow openssl to be cross-compiled
95
+	cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die
96
+	chmod a+rx gentoo.config
97
+
98
+	append-flags -fno-strict-aliasing
99
+	append-flags $(test-flags-CC -Wa,--noexecstack)
100
+
101
+	sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906
102
+	# The config script does stupid stuff to prompt the user.  Kill it.
103
+	sed -i '/stty -icanon min 0 time 50; read waste/d' config || die
104
+	./config --test-sanity || die "I AM NOT SANE"
105
+
106
+	multilib_copy_sources
107
+}
108
+
109
+multilib_src_configure() {
110
+	unset APPS #197996
111
+	unset SCRIPTS #312551
112
+	unset CROSS_COMPILE #311473
113
+
114
+	tc-export CC AR RANLIB RC
115
+
116
+	# Clean out patent-or-otherwise-encumbered code
117
+	# Camellia: Royalty Free            http://en.wikipedia.org/wiki/Camellia_(cipher)
118
+	# IDEA:     Expired                 http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
119
+	# EC:       ????????? ??/??/2015    http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
120
+	# MDC2:     Expired                 http://en.wikipedia.org/wiki/MDC-2
121
+	# RC5:      5,724,428 03/03/2015    http://en.wikipedia.org/wiki/RC5
122
+
123
+	use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
124
+	echoit() { echo "$@" ; "$@" ; }
125
+
126
+	local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
127
+
128
+	# See if our toolchain supports __uint128_t.  If so, it's 64bit
129
+	# friendly and can use the nicely optimized code paths. #460790
130
+	local ec_nistp_64_gcc_128
131
+	# Disable it for now though #469976
132
+	#if ! use bindist ; then
133
+	#	echo "__uint128_t i;" > "${T}"/128.c
134
+	#	if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
135
+	#		ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
136
+	#	fi
137
+	#fi
138
+
139
+	local sslout=$(./gentoo.config)
140
+	einfo "Use configuration ${sslout:-(openssl knows best)}"
141
+	local config="Configure"
142
+	[[ -z ${sslout} ]] && config="config"
143
+
144
+	echoit \
145
+	./${config} \
146
+		${sslout} \
147
+		$(use sse2 || echo "no-sse2") \
148
+		enable-camellia \
149
+		$(use_ssl !bindist ec) \
150
+		${ec_nistp_64_gcc_128} \
151
+		enable-idea \
152
+		enable-mdc2 \
153
+		$(use_ssl !bindist rc5) \
154
+		enable-tlsext \
155
+		$(use_ssl gmp gmp -lgmp) \
156
+		$(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
157
+		$(use_ssl rfc3779) \
158
+		$(use_ssl tls-heartbeat heartbeats) \
159
+		$(use_ssl zlib) \
160
+		--prefix="${EPREFIX}"/usr \
161
+		--openssldir="${EPREFIX}"${SSL_CNF_DIR} \
162
+		--libdir=$(get_libdir) \
163
+		shared threads \
164
+		$(use_ssl ssl3) \
165
+		|| die
166
+
167
+	# Clean out hardcoded flags that openssl uses
168
+	local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \
169
+		-e 's:^CFLAG=::' \
170
+		-e 's:-fomit-frame-pointer ::g' \
171
+		-e 's:-O[0-9] ::g' \
172
+		-e 's:-march=[-a-z0-9]* ::g' \
173
+		-e 's:-mcpu=[-a-z0-9]* ::g' \
174
+		-e 's:-m[a-z0-9]* ::g' \
175
+	)
176
+	sed -i \
177
+		-e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \
178
+		-e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \
179
+		Makefile || die
180
+}
181
+
182
+multilib_src_compile() {
183
+	# depend is needed to use $confopts; it also doesn't matter
184
+	# that it's -j1 as the code itself serializes subdirs
185
+	emake -j1 depend
186
+	emake all
187
+	# rehash is needed to prep the certs/ dir; do this
188
+	# separately to avoid parallel build issues.
189
+	emake rehash
190
+}
191
+
192
+multilib_src_test() {
193
+	emake -j1 test
194
+}
195
+
196
+multilib_src_install() {
197
+	emake INSTALL_PREFIX="${D}" install
198
+}
199
+
200
+multilib_src_install_all() {
201
+	dobin "${WORKDIR}"/c_rehash #333117
202
+	dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el
203
+	dohtml -r doc/*
204
+	use rfc3779 && dodoc engines/ccgost/README.gost
205
+
206
+	# This is crappy in that the static archives are still built even
207
+	# when USE=static-libs.  But this is due to a failing in the openssl
208
+	# build system: the static archives are built as PIC all the time.
209
+	# Only way around this would be to manually configure+compile openssl
210
+	# twice; once with shared lib support enabled and once without.
211
+	use static-libs || rm -f "${ED}"/usr/lib*/lib*.a
212
+
213
+	# create the certs directory
214
+	dodir ${SSL_CNF_DIR}/certs
215
+	cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die
216
+	rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired}
217
+
218
+	# Namespace openssl programs to prevent conflicts with other man pages
219
+	cd "${ED}"/usr/share/man
220
+	local m d s
221
+	for m in $(find . -type f | xargs grep -L '#include') ; do
222
+		d=${m%/*} ; d=${d#./} ; m=${m##*/}
223
+		[[ ${m} == openssl.1* ]] && continue
224
+		[[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!"
225
+		mv ${d}/{,ssl-}${m}
226
+		# fix up references to renamed man pages
227
+		sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m}
228
+		ln -s ssl-${m} ${d}/openssl-${m}
229
+		# locate any symlinks that point to this man page ... we assume
230
+		# that any broken links are due to the above renaming
231
+		for s in $(find -L ${d} -type l) ; do
232
+			s=${s##*/}
233
+			rm -f ${d}/${s}
234
+			ln -s ssl-${m} ${d}/ssl-${s}
235
+			ln -s ssl-${s} ${d}/openssl-${s}
236
+		done
237
+	done
238
+	[[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("
239
+
240
+	dodir /etc/sandbox.d #254521
241
+	echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
242
+
243
+	diropts -m0700
244
+	keepdir ${SSL_CNF_DIR}/private
245
+}
246
+
247
+pkg_preinst() {
248
+	has_version ${CATEGORY}/${PN}:0.9.8 && return 0
249
+	preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
250
+}
251
+
252
+pkg_postinst() {
253
+	ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"
254
+	c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null
255
+	eend $?
256
+
257
+	has_version ${CATEGORY}/${PN}:0.9.8 && return 0
258
+	preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
259
+}
0 260