pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/security/openssl
Module Name: pkgsrc
Committed By: jperkin
Date: Thu Jan 16 13:30:29 UTC 2020
Modified Files:
pkgsrc/security/openssl: Makefile buildlink3.mk builtin.mk distinfo
Added Files:
pkgsrc/security/openssl/patches:
patch-Configurations_unix-Makefile.tmpl
Removed Files:
pkgsrc/security/openssl: PLIST.OSF1 PLIST.common PLIST.shlib
pkgsrc/security/openssl/patches: patch-Configure patch-Makefile.org
patch-Makefile.shared patch-apps_Makefile patch-config
patch-crypto_bn_bn__prime.pl patch-crypto_des_Makefile
patch-tools_Makefile
Log Message:
openssl: Update to 1.1.1d.
This is a major upgrade to the current LTS release. 1.0.2 and 1.1.0 are now
out of support and should not be used.
pkgsrc changes include a large cleanup of patches and targets, many of which
were clearly bogus, for example a CONFLICTS entry against a package that has
never existed, and one that was removed in 1999.
Tested on SmartOS, macOS, and NetBSD. Used for the SmartOS pkgsrc-2019Q4 LTS
release.
There are far too many individual changes to list, so the following text is
instead taken from the 1.1.1 blog announcement:
--------------------------------------------------------------------------
After two years of work we are excited to be releasing our latest version today
- OpenSSL 1.1.1. This is also our new Long Term Support (LTS) version and so we
are committing to support it for at least five years.
OpenSSL 1.1.1 has been a huge team effort with nearly 5000 commits having been
made from over 200 individual contributors since the release of OpenSSL 1.1.0.
These statistics just illustrate the amazing vitality and diversity of the
OpenSSL community. The contributions didn't just come in the form of commits
though. There has been a great deal of interest in this new version so thanks
needs to be extended to the large number of users who have downloaded the beta
releases to test them out and report bugs.
The headline new feature is TLSv1.3. This new version of the Transport Layer
Security (formerly known as SSL) protocol was published by the IETF just one
month ago as RFC8446. This is a major rewrite of the standard and introduces
significant changes, features and improvements which have been reflected in the
new OpenSSL version.
What's more is that OpenSSL 1.1.1 is API and ABI compliant with OpenSSL 1.1.0
so most applications that work with 1.1.0 can gain many of the benefits of
TLSv1.3 simply by dropping in the new OpenSSL version. Since TLSv1.3 works very
differently to TLSv1.2 though there are a few caveats that may impact a
minority of applications. See the TLSv1.3 page on the OpenSSL wiki for more
details.
Some of the benefits of TLSv1.3 include:
* Improved connection times due to a reduction in the number of round trips
required between the client and server
* The ability, in certain circumstances, for clients to start sending
encrypted data to the server straight away without any round trips with the
server required (a feature known as 0-RTT or “early data”).
* Improved security due to the removal of various obsolete and insecure
cryptographic algorithms and encryption of more of the connection handshake
Other features in the 1.1.1 release include:
* Complete rewrite of the OpenSSL random number generator to introduce the
following capabilities:
* The default RAND method now utilizes an AES-CTR DRBG according to NIST
standard SP 800-90Ar1.
* Support for multiple DRBG instances with seed chaining.
* There is a public and private DRBG instance.
* The DRBG instances are fork-safe.
* Keep all global DRBG instances on the secure heap if it is enabled.
* The public and private DRBG instance are per thread for lock free
operation
* Support for various new cryptographic algorithms including:
* SHA3
* SHA512/224 and SHA512/256
* EdDSA (including Ed25519 and Ed448)
* X448 (adding to the existing X25519 support in 1.1.0)
* Multi-prime RSA
* SM2
* SM3
* SM4
* SipHash
* ARIA (including TLS support)
* Signficant Side-Channel attack security improvements
* Maximum Fragment Length TLS extension support
* A new STORE module, which implements a uniform and URI based reader of
stores that can contain keys, certificates, CRLs and numerous other objects.
Since 1.1.1 is our new LTS release we are strongly advising all users to
upgrade as soon as possible. For most applications this should be straight
forward if they are written to work with OpenSSL 1.1.0. Since OpenSSL 1.1.0 is
not an LTS release it will start receiving security fixes only with immediate
affect as per our previous announcement and as published in our release
strategy. It will cease receiving all support in one years time.
Our previous LTS release (OpenSSL 1.0.2) will continue to receive full support
until the end of this year. After that it will receive security fixes only. It
will stop receiving all support at the end of 2019. Users of that release are
strongly advised to upgrade to OpenSSL 1.1.1.
To generate a diff of this commit:
cvs rdiff -u -r1.247 -r1.248 pkgsrc/security/openssl/Makefile
cvs rdiff -u -r1.1 -r0 pkgsrc/security/openssl/PLIST.OSF1
cvs rdiff -u -r1.34 -r0 pkgsrc/security/openssl/PLIST.common
cvs rdiff -u -r1.3 -r0 pkgsrc/security/openssl/PLIST.shlib
cvs rdiff -u -r1.52 -r1.53 pkgsrc/security/openssl/buildlink3.mk
cvs rdiff -u -r1.44 -r1.45 pkgsrc/security/openssl/builtin.mk
cvs rdiff -u -r1.136 -r1.137 pkgsrc/security/openssl/distinfo
cvs rdiff -u -r0 -r1.1 \
pkgsrc/security/openssl/patches/patch-Configurations_unix-Makefile.tmpl
cvs rdiff -u -r1.8 -r0 pkgsrc/security/openssl/patches/patch-Configure
cvs rdiff -u -r1.5 -r0 pkgsrc/security/openssl/patches/patch-Makefile.org
cvs rdiff -u -r1.6 -r0 pkgsrc/security/openssl/patches/patch-Makefile.shared
cvs rdiff -u -r1.4 -r0 pkgsrc/security/openssl/patches/patch-apps_Makefile \
pkgsrc/security/openssl/patches/patch-config \
pkgsrc/security/openssl/patches/patch-crypto_bn_bn__prime.pl \
pkgsrc/security/openssl/patches/patch-crypto_des_Makefile \
pkgsrc/security/openssl/patches/patch-tools_Makefile
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/security/openssl/Makefile
diff -u pkgsrc/security/openssl/Makefile:1.247 pkgsrc/security/openssl/Makefile:1.248
--- pkgsrc/security/openssl/Makefile:1.247 Thu Jan 2 20:31:05 2020
+++ pkgsrc/security/openssl/Makefile Thu Jan 16 13:30:29 2020
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.247 2020/01/02 20:31:05 sevan Exp $
+# $NetBSD: Makefile,v 1.248 2020/01/16 13:30:29 jperkin Exp $
-DISTNAME= openssl-1.0.2u
+DISTNAME= openssl-1.1.1d
CATEGORIES= security
MASTER_SITES= https://www.openssl.org/source/
@@ -9,140 +9,19 @@ HOMEPAGE= https://www.openssl.org/
COMMENT= Secure Socket Layer and cryptographic library
LICENSE= openssl
-CONFLICTS= SSLeay-[0-9]* ssleay-[0-9]*
-
-BUILD_DEPENDS+= p5-Perl4-CoreLibs-[0-9]*:../../devel/p5-Perl4-CoreLibs
-
USE_GCC_RUNTIME= yes
-USE_TOOLS+= fgrep gmake makedepend perl:run
+USE_TOOLS+= fgrep gmake makedepend perl
BUILD_TARGET= depend all
TEST_TARGET= tests
-MAKE_JOBS_SAFE= no
HAS_CONFIGURE= yes
CONFIGURE_SCRIPT= ./config
CONFIGURE_ARGS+= --prefix=${PREFIX}
-CONFIGURE_ARGS+= --install_prefix=${DESTDIR}
CONFIGURE_ARGS+= --openssldir=${PKG_SYSCONFDIR}
-CONFIGURE_ARGS+= shared no-fips
-
-.include "../../mk/compiler.mk"
+CONFIGURE_ARGS+= shared
-# Avoid dependency on 'makedepend' on platforms where the default CC is set
-# to 'cc' not 'gcc' in boostrap-mk-files. OpenSSL only supports the latter.
-.if !empty(PKGSRC_COMPILER:Mgcc) && ${CC} == "cc"
-CC= gcc
-.endif
-
-.if ${OPSYS} == "SunOS"
-. if ${MACHINE_ARCH} == "sparc"
-OPENSSL_MACHINE_ARCH= sparcv7
-. elif ${MACHINE_ARCH} == "sparc64"
-OPENSSL_MACHINE_ARCH= sparcv9
-. elif ${MACHINE_ARCH} == "i386"
-OPENSSL_MACHINE_ARCH= x86
-. elif ${MACHINE_ARCH} == "x86_64"
-OPENSSL_MACHINE_ARCH= ${MACHINE_ARCH}
-. endif
-# only override the configure target if we know the platform, falling
-# back to ./config's autodetection if not.
-. if defined(OPENSSL_MACHINE_ARCH) && !empty(OPENSSL_MACHINE_ARCH)
-CONFIGURE_SCRIPT= ./Configure
-. if !empty(PKGSRC_COMPILER:Mclang) || !empty(PKGSRC_COMPILER:Mgcc)
-CONFIGURE_ARGS+= solaris${${ABI}==64:?64:}-${OPENSSL_MACHINE_ARCH}-gcc
-. else
-CONFIGURE_ARGS+= solaris${${ABI}==64:?64:}-${OPENSSL_MACHINE_ARCH}-cc
-. endif
-. endif
-.elif ${OPSYS} == "IRIX"
-CONFIGURE_ARGS+= no-asm
-. if defined(ABI) && ${ABI} == "64"
-CONFIGURE_SCRIPT= ./Configure
-. if !empty(CC_VERSION:Mgcc*)
-CONFIGURE_ARGS+= irix64-mips4-gcc
-. else
-CONFIGURE_ARGS+= irix64-mips4-cc
-. endif
-. endif
-.elif ${OPSYS} == "OSF1"
-USE_PLIST_SHLIB= no
-CONFIGURE_SCRIPT= ./Configure
-. if !empty(CC_VERSION:Mgcc*)
-CONFIGURE_ARGS+= tru64-alpha-gcc
-. else
-CONFIGURE_ARGS+= tru64-alpha-cc
-. endif
-.elif ${OPSYS} == "Darwin"
-CONFIGURE_SCRIPT= ./Configure
-. if defined(ABI) && ${ABI} == "64"
-_OS= darwin64
-. else
-_OS= darwin
-. endif
-. if ${MACHINE_ARCH:Mpowerpc*}
-_ARCH= ppc
-. else
-_ARCH= ${MACHINE_ARCH}
-. endif
-CONFIGURE_ARGS+= ${_OS}-${_ARCH}-cc
-
-SUBST_CLASSES+= dl
-SUBST_MESSAGE.dl= Adding dynamic link compatibility library.
-SUBST_STAGE.dl= post-configure
-SUBST_FILES.dl= Makefile apps/Makefile crypto/Makefile \
- crypto/pkcs7/Makefile test/Makefile
-SUBST_SED.dl= -e 's,^EX_LIBS=,EX_LIBS=${DL_LDFLAGS:Q} ,g'
-
-.elif ${OPSYS} == "AIX"
-CONFIGURE_SCRIPT= ./Configure
-. if defined(ABI) && ${ABI} == "64"
-. if !empty(CC_VERSION:Mgcc*)
-CONFIGURE_ARGS+= aix64-gcc
-. else
-CONFIGURE_ARGS+= aix64-cc
-. endif
-. else
-. if !empty(CC_VERSION:Mgcc*)
-CONFIGURE_ARGS+= aix-gcc
-. else
-CONFIGURE_ARGS+= aix-cc
-. endif
-. endif
-.elif ${OPSYS} == "Interix"
-SUBST_CLASSES+= soname
-SUBST_STAGE.soname= post-configure
-SUBST_FILES.soname= Makefile.shared
-SUBST_SED.soname= -e 's/-Wl,-soname=/-Wl,-h,/g'
-.elif ${OPSYS} == "HPUX"
-CONFIGURE_SCRIPT= ./Configure
-. if defined(ABI) && ${ABI} == "64"
-. if ${MACHINE_ARCH} == "hppa64"
-CONFIGURE_ARGS+= hpux64-parisc2-${CC}
-. else
-CONFIGURE_ARGS+= hpux64-ia64-${CC}
-. endif
-. else
-. if ${MACHINE_ARCH} == "hppa"
-CONFIGURE_ARGS+= hpux-parisc-${CC}
-. else
-CONFIGURE_ARGS+= hpux-ia64-${CC}
-. endif
-. endif
-.elif ${OPSYS} == "Linux"
-. if ${MACHINE_ARCH} == "powerpc64"
-CONFIGURE_SCRIPT= ./Configure
-CONFIGURE_ARGS+= linux-ppc64
-. elif ${MACHINE_ARCH} == "i386"
-CONFIGURE_SCRIPT= ./Configure
-CONFIGURE_ARGS+= linux-elf
-. endif
-.elif ${OS_VARIANT} == "SCOOSR5"
-# SIGILL in _sha1_block_data_order_ssse3().
-CONFIGURE_ARGS+= no-sse2
-.endif
-
-.include "../../security/openssl/options.mk"
+.include "options.mk"
CONFIGURE_ARGS+= ${CFLAGS} ${LDFLAGS}
CONFIGURE_ENV+= PERL=${PERL5:Q}
@@ -150,14 +29,6 @@ CONFIGURE_ENV+= PERL=${PERL5:Q}
PKGCONFIG_OVERRIDE+= libcrypto.pc libssl.pc openssl.pc
PKGCONFIG_OVERRIDE_STAGE= post-build
-PLIST_SRC+= ${PKGDIR}/PLIST.common
-USE_PLIST_SHLIB?= yes
-.if ${USE_PLIST_SHLIB} == "yes"
-PLIST_SRC+= ${PKGDIR}/PLIST.shlib
-.endif
-PLIST_SUBST+= SHLIB_VERSION=${OPENSSL_VERS:C/[^0-9]*$//}
-PLIST_SUBST+= SHLIB_MAJOR=${OPENSSL_VERS:C/\..*$//}
-
PKG_SYSCONFSUBDIR= openssl
CONF_FILES= ${PREFIX}/share/examples/openssl/openssl.cnf \
${PKG_SYSCONFDIR}/openssl.cnf
@@ -165,21 +36,30 @@ OWN_DIRS= ${PKG_SYSCONFDIR}/certs ${PKG
INSTALLATION_DIRS+= share/examples/openssl
-# Fix the path to perl in various scripts.
-pre-configure:
- cd ${WRKSRC} && ${PERL5} util/perlpath.pl ${PERL5}
-
-# BN_print.3 and bn_print.3 cannot co-exist on Darwin, we choose to remove
-# bn_print.3 simply because it has more aliases to the same manual page.
-PLIST_VARS+= notmac
-.if ${OPSYS} == "Darwin"
+#
+# Note that this package cannot be updated solely from Darwin, it relies on
+# shlib-dylib.awk to convert the normal .so entries to dylib, which doesn't
+# work the other way around. The lib/engines-1.1 plugins also need special
+# handling.
+#
+OPSYSVARS+= SOEXT
+SOEXT.Darwin= dylib
+SOEXT.*= so
+PLIST_SUBST+= SOEXT=${SOEXT}
+
+PRINT_PLIST_AWK+= /^lib\/engines/ { gsub(/\.${SOEXT}$$/, ".$${SOEXT}"); }
+
+#
+# Get rid of ridiculous namespace collisions like passwd.1 and just leave the
+# openssl-*.1 style variants. On a more practical note this avoids creating
+# a conflict with moreutils (ts.1).
+#
post-install:
- ${CP} -p ${DESTDIR}${PREFIX}/${PKGMANDIR}/man3/BN_print.3 ${WRKDIR}
- ${RM} ${DESTDIR}${PREFIX}/${PKGMANDIR}/man3/bn_print.3*
- ${MV} -f ${WRKDIR}/BN_print.3 ${DESTDIR}${PREFIX}/${PKGMANDIR}/man3
-.else
-PLIST.notmac= yes
-.endif
+ cd ${DESTDIR}${PREFIX}/${PKGMANDIR}/man1; \
+ for f in openssl-*; do \
+ ${RM} -f $${f}; \
+ ${MV} `${ECHO} $${f} | ${SED} -e 's/openssl-//'` $${f}; \
+ done
.include "../../mk/dlopen.buildlink3.mk"
.include "../../mk/bsd.pkg.mk"
Index: pkgsrc/security/openssl/buildlink3.mk
diff -u pkgsrc/security/openssl/buildlink3.mk:1.52 pkgsrc/security/openssl/buildlink3.mk:1.53
--- pkgsrc/security/openssl/buildlink3.mk:1.52 Sun Jan 7 13:04:30 2018
+++ pkgsrc/security/openssl/buildlink3.mk Thu Jan 16 13:30:29 2020
@@ -1,4 +1,4 @@
-# $NetBSD: buildlink3.mk,v 1.52 2018/01/07 13:04:30 rillig Exp $
+# $NetBSD: buildlink3.mk,v 1.53 2020/01/16 13:30:29 jperkin Exp $
BUILDLINK_TREE+= openssl
@@ -7,8 +7,8 @@ OPENSSL_BUILDLINK3_MK:=
.include "../../mk/bsd.fast.prefs.mk"
-BUILDLINK_API_DEPENDS.openssl+= openssl>=1.0.1c
-BUILDLINK_ABI_DEPENDS.openssl+= openssl>=1.0.2gnb1
+BUILDLINK_API_DEPENDS.openssl+= openssl>=1.1.1d
+BUILDLINK_ABI_DEPENDS.openssl+= openssl>=1.1.1d
BUILDLINK_PKGSRCDIR.openssl?= ../../security/openssl
# Ensure that -lcrypt comes before -lcrypto when linking so that the
Index: pkgsrc/security/openssl/builtin.mk
diff -u pkgsrc/security/openssl/builtin.mk:1.44 pkgsrc/security/openssl/builtin.mk:1.45
--- pkgsrc/security/openssl/builtin.mk:1.44 Mon Nov 4 21:12:56 2019
+++ pkgsrc/security/openssl/builtin.mk Thu Jan 16 13:30:29 2020
@@ -1,8 +1,8 @@
-# $NetBSD: builtin.mk,v 1.44 2019/11/04 21:12:56 rillig Exp $
+# $NetBSD: builtin.mk,v 1.45 2020/01/16 13:30:29 jperkin Exp $
BUILTIN_PKG:= openssl
-BUILTIN_FIND_LIBS:= crypto des ssl
+BUILTIN_FIND_LIBS:= crypto ssl
BUILTIN_FIND_HEADERS_VAR:= H_OPENSSLCONF H_OPENSSLV
BUILTIN_FIND_HEADERS.H_OPENSSLCONF= openssl/opensslconf.h
BUILTIN_FIND_HEADERS.H_OPENSSLV= openssl/opensslv.h
@@ -48,7 +48,7 @@ BUILTIN_VERSION.openssl!= \
} else if (i > 26) { \
patchlevel = "a"; \
} else { \
- patchlevel = substr(alpha,i,1); \
+ patchlevel = substr(alpha,i,1); \
} \
printf "%s%s%s%s\n", \
major, minor, teeny, patchlevel; \
@@ -133,76 +133,6 @@ BUILDLINK_PREFIX.openssl= /boot/common
. endif
. endif
-# By default, we don't bother with the old DES API.
-USE_OLD_DES_API?= no
-. if !empty(USE_OLD_DES_API:M[yY][eE][sS])
-#
-# If we're using the old DES API, then check to see if the old DES
-# code was factored out into a separate library and header files and
-# no longer a part of libcrypto.
-#
-. if !empty(USE_BUILTIN.openssl:M[yY][eE][sS])
-. if exists(${BUILDLINK_PREFIX.openssl}/include/des.h) && \
- !empty(BUILTIN_LIB_FOUND.des:M[yY][eE][sS])
-BUILDLINK_TRANSFORM+= l:crypto:des:crypto
-WRAPPER_REORDER_CMDS+= reorder:l:des:crypto
-. endif
-. endif
-
-# The idea is to avoid the need to patch source files for packages that
-# use OpenSSL for DES support by ensuring that including <openssl/des.h>
-# will always present the old DES API.
-#
-# (1) If des_old.h exists, then we're using OpenSSL>=0.9.7, and
-# <openssl/des.h> already does the right thing.
-#
-# (2) If des_old.h doesn't exist, then one of two things is happening:
-# (a) If <openssl/des.h> is old and (only) supports the old DES API,
-# then <openssl/des.h> does the right thing.
-# (b) If it's NetBSD's Special(TM) one that stripped out the old DES
-# support into a separate library and header (-ldes, <des.h>),
-# then we create a new header <openssl/des.h> that includes the
-# system one and <des.h>, and we create an <openssl/des_old.h>
-# that just includes <des.h>.
-#
-BUILDLINK_TARGETS+= buildlink-openssl-des-h
-. if !target(buildlink-openssl-des-h)
-.PHONY: buildlink-openssl-des-h
-buildlink-openssl-des-h:
- ${RUN} \
- bl_odes_h="${BUILDLINK_DIR}/include/openssl/des.h"; \
- bl_odes_old_h="${BUILDLINK_DIR}/include/openssl/des_old.h"; \
- odes_h="${BUILDLINK_PREFIX.openssl}/include/openssl/des.h"; \
- odes_old_h="${BUILDLINK_PREFIX.openssl}/include/openssl/des_old.h"; \
- des_h="${BUILDLINK_PREFIX.openssl}/include/des.h"; \
- if ${TEST} -f "$$odes_old_h"; then \
- ${ECHO_BUILDLINK_MSG} "<openssl/des.h> supports old DES API."; \
- exit 0; \
- elif ${GREP} -q "des_cblock" "$$odes_h" 2>/dev/null; then \
- ${ECHO_BUILDLINK_MSG} "<openssl/des.h> supports old DES API."; \
- exit 0; \
- elif ${TEST} -f "$$des_h" -a -f "$$odes_h"; then \
- ${ECHO_BUILDLINK_MSG} "Creating $$bl_odes_h"; \
- ${RM} -f $$bl_odes_h; \
- ${MKDIR} `${DIRNAME} $$bl_odes_h`; \
- ( ${ECHO} "/* Created by openssl/builtin.mk:${.TARGET} */"; \
- ${ECHO} "#include \"$$odes_h\""; \
- ${ECHO} "#include \"$$des_h\""; \
- ) > $$bl_odes_h; \
- ${ECHO_BUILDLINK_MSG} "Creating $$bl_odes_old_h"; \
- ${RM} -f $$bl_odes_old_h; \
- ${MKDIR} `${DIRNAME} $$bl_odes_old_h`; \
- ( ${ECHO} "/* Created by openssl/builtin.mk:${.TARGET} */"; \
- ${ECHO} "#include \"$$des_h\""; \
- ) > $$bl_odes_old_h; \
- exit 0; \
- else \
- ${ECHO} "Unable to find headers for old DES API."; \
- exit 1; \
- fi
-. endif
-. endif # USE_OLD_DES_API == yes
-
. if defined(PKG_SYSCONFDIR.openssl)
SSLDIR= ${PKG_SYSCONFDIR.openssl}
. elif !empty(USE_BUILTIN.openssl:M[yY][eE][sS])
Index: pkgsrc/security/openssl/distinfo
diff -u pkgsrc/security/openssl/distinfo:1.136 pkgsrc/security/openssl/distinfo:1.137
--- pkgsrc/security/openssl/distinfo:1.136 Thu Jan 2 20:31:05 2020
+++ pkgsrc/security/openssl/distinfo Thu Jan 16 13:30:29 2020
@@ -1,14 +1,7 @@
-$NetBSD: distinfo,v 1.136 2020/01/02 20:31:05 sevan Exp $
+$NetBSD: distinfo,v 1.137 2020/01/16 13:30:29 jperkin Exp $
-SHA1 (openssl-1.0.2u.tar.gz) = 740916d79ab0d209d2775277b1c6c3ec2f6502b2
-RMD160 (openssl-1.0.2u.tar.gz) = b8e7e5df9582e29fdd00bd03d47e980a39ba11ab
-SHA512 (openssl-1.0.2u.tar.gz) = c455bb309e20e2c2d47fdc5619c734d107d5c8c38c1409903ce979acc120b0d5fa0312917c0aa0d630e402d092a703d4249643f36078e8528a3cafc9dac6ab32
-Size (openssl-1.0.2u.tar.gz) = 5355412 bytes
-SHA1 (patch-Configure) = 2d963d781314276a0ee1bc531df6bc50f0f6b32b
-SHA1 (patch-Makefile.org) = d2a9295003a8b88718a328b01ff6bcbbc102ec0b
-SHA1 (patch-Makefile.shared) = 273154600c6cf0cf4de4ae16d56c5555bca5f9ad
-SHA1 (patch-apps_Makefile) = 60113291f2a25f5f1c1dba35e8173087bcd4cc30
-SHA1 (patch-config) = 345cadece3bdf0ef0a273a6c9ba6d0cbb1026a31
-SHA1 (patch-crypto_bn_bn__prime.pl) = a516f3709a862d85e659d466e895419b1e0a94c8
-SHA1 (patch-crypto_des_Makefile) = 7a23f9883ff6c93ec0e5d08e1332cc95de8cdba2
-SHA1 (patch-tools_Makefile) = 67f0b9b501969382fd89b678c277d32bf5d294bc
+SHA1 (openssl-1.1.1d.tar.gz) = 056057782325134b76d1931c48f2c7e6595d7ef4
+RMD160 (openssl-1.1.1d.tar.gz) = 86401a37e3e36c63d3619e3e699a3bfd9ea1e042
+SHA512 (openssl-1.1.1d.tar.gz) = 2bc9f528c27fe644308eb7603c992bac8740e9f0c3601a130af30c9ffebbf7e0f5c28b76a00bbb478bad40fbe89b4223a58d604001e1713da71ff4b7fe6a08a7
+Size (openssl-1.1.1d.tar.gz) = 8845861 bytes
+SHA1 (patch-Configurations_unix-Makefile.tmpl) = 160466226b58f391c5096e0ba38ee298002296dc
Added files:
Index: pkgsrc/security/openssl/patches/patch-Configurations_unix-Makefile.tmpl
diff -u /dev/null pkgsrc/security/openssl/patches/patch-Configurations_unix-Makefile.tmpl:1.1
--- /dev/null Thu Jan 16 13:30:29 2020
+++ pkgsrc/security/openssl/patches/patch-Configurations_unix-Makefile.tmpl Thu Jan 16 13:30:29 2020
@@ -0,0 +1,102 @@
+$NetBSD: patch-Configurations_unix-Makefile.tmpl,v 1.1 2020/01/16 13:30:29 jperkin Exp $
+
+Use pkgsrc layout.
+Do not install HTML documentation.
+
+--- Configurations/unix-Makefile.tmpl.orig 2019-09-10 13:13:07.000000000 +0000
++++ Configurations/unix-Makefile.tmpl
+@@ -274,8 +274,9 @@ libdir={- File::Spec::Win32->file_name_i
+ ? $libdir : '$(INSTALLTOP)/$(LIBDIR)' -}
+ {- output_on() if $config{target} !~ /^mingw/; "" -}
+
+-MANDIR=$(INSTALLTOP)/share/man
++MANDIR=$(INSTALLTOP)/$(PKGMANDIR)
+ DOCDIR=$(INSTALLTOP)/share/doc/$(BASENAME)
++EXAMPLEDIR=$(INSTALLTOP)/share/examples/openssl
+ HTMLDIR=$(DOCDIR)/html
+
+ # MANSUFFIX is for the benefit of anyone who may want to have a suffix
+@@ -544,54 +545,54 @@ install_sw: install_dev install_engines
+
+ uninstall_sw: uninstall_runtime uninstall_engines uninstall_dev
+
+-install_docs: install_man_docs install_html_docs
++install_docs: install_man_docs
+
+ uninstall_docs: uninstall_man_docs uninstall_html_docs
+ $(RM) -r $(DESTDIR)$(DOCDIR)
+
+ install_ssldirs:
+- @$(PERL) $(SRCDIR)/util/mkdir-p.pl $(DESTDIR)$(OPENSSLDIR)/certs
+- @$(PERL) $(SRCDIR)/util/mkdir-p.pl $(DESTDIR)$(OPENSSLDIR)/private
+- @$(PERL) $(SRCDIR)/util/mkdir-p.pl $(DESTDIR)$(OPENSSLDIR)/misc
++ @$(PERL) $(SRCDIR)/util/mkdir-p.pl $(DESTDIR)$(EXAMPLEDIR)/certs
++ @$(PERL) $(SRCDIR)/util/mkdir-p.pl $(DESTDIR)$(EXAMPLEDIR)/private
++ @$(PERL) $(SRCDIR)/util/mkdir-p.pl $(DESTDIR)$(EXAMPLEDIR)/misc
+ @set -e; for x in dummy $(MISC_SCRIPTS); do \
+ if [ "$$x" = "dummy" ]; then continue; fi; \
+ x1=`echo "$$x" | cut -f1 -d:`; \
+ x2=`echo "$$x" | cut -f2 -d:`; \
+ fn=`basename $$x1`; \
+- $(ECHO) "install $$x1 -> $(DESTDIR)$(OPENSSLDIR)/misc/$$fn"; \
+- cp $$x1 $(DESTDIR)$(OPENSSLDIR)/misc/$$fn.new; \
+- chmod 755 $(DESTDIR)$(OPENSSLDIR)/misc/$$fn.new; \
+- mv -f $(DESTDIR)$(OPENSSLDIR)/misc/$$fn.new \
+- $(DESTDIR)$(OPENSSLDIR)/misc/$$fn; \
++ $(ECHO) "install $$x1 -> $(DESTDIR)$(EXAMPLEDIR)/misc/$$fn"; \
++ cp $$x1 $(DESTDIR)$(EXAMPLEDIR)/misc/$$fn.new; \
++ chmod 755 $(DESTDIR)$(EXAMPLEDIR)/misc/$$fn.new; \
++ mv -f $(DESTDIR)$(EXAMPLEDIR)/misc/$$fn.new \
++ $(DESTDIR)$(EXAMPLEDIR)/misc/$$fn; \
+ if [ "$$x1" != "$$x2" ]; then \
+ ln=`basename "$$x2"`; \
+ : {- output_off() unless windowsdll(); "" -}; \
+- $(ECHO) "copy $(DESTDIR)$(OPENSSLDIR)/misc/$$ln -> $(DESTDIR)$(OPENSSLDIR)/misc/$$fn"; \
+- cp $(DESTDIR)$(OPENSSLDIR)/misc/$$fn $(DESTDIR)$(OPENSSLDIR)/misc/$$ln; \
++ $(ECHO) "copy $(DESTDIR)$(EXAMPLEDIR)/misc/$$ln -> $(DESTDIR)$(EXAMPLEDIR)/misc/$$fn"; \
++ cp $(DESTDIR)$(EXAMPLEDIR)/misc/$$fn $(DESTDIR)$(EXAMPLEDIR)/misc/$$ln; \
+ : {- output_on() unless windowsdll();
+ output_off() if windowsdll(); "" -}; \
+- $(ECHO) "link $(DESTDIR)$(OPENSSLDIR)/misc/$$ln -> $(DESTDIR)$(OPENSSLDIR)/misc/$$fn"; \
+- ln -sf $$fn $(DESTDIR)$(OPENSSLDIR)/misc/$$ln; \
++ $(ECHO) "link $(DESTDIR)$(EXAMPLEDIR)/misc/$$ln -> $(DESTDIR)$(EXAMPLEDIR)/misc/$$fn"; \
++ ln -sf $$fn $(DESTDIR)$(EXAMPLEDIR)/misc/$$ln; \
+ : {- output_on() if windowsdll(); "" -}; \
+ fi; \
+ done
+- @$(ECHO) "install $(SRCDIR)/apps/openssl.cnf -> $(DESTDIR)$(OPENSSLDIR)/openssl.cnf.dist"
+- @cp $(SRCDIR)/apps/openssl.cnf $(DESTDIR)$(OPENSSLDIR)/openssl.cnf.new
+- @chmod 644 $(DESTDIR)$(OPENSSLDIR)/openssl.cnf.new
+- @mv -f $(DESTDIR)$(OPENSSLDIR)/openssl.cnf.new $(DESTDIR)$(OPENSSLDIR)/openssl.cnf.dist
+- @if [ ! -f "$(DESTDIR)$(OPENSSLDIR)/openssl.cnf" ]; then \
+- $(ECHO) "install $(SRCDIR)/apps/openssl.cnf -> $(DESTDIR)$(OPENSSLDIR)/openssl.cnf"; \
+- cp $(SRCDIR)/apps/openssl.cnf $(DESTDIR)$(OPENSSLDIR)/openssl.cnf; \
+- chmod 644 $(DESTDIR)$(OPENSSLDIR)/openssl.cnf; \
++ @$(ECHO) "install $(SRCDIR)/apps/openssl.cnf -> $(DESTDIR)$(EXAMPLEDIR)/openssl.cnf.dist"
++ @cp $(SRCDIR)/apps/openssl.cnf $(DESTDIR)$(EXAMPLEDIR)/openssl.cnf.new
++ @chmod 644 $(DESTDIR)$(EXAMPLEDIR)/openssl.cnf.new
++ @mv -f $(DESTDIR)$(EXAMPLEDIR)/openssl.cnf.new $(DESTDIR)$(EXAMPLEDIR)/openssl.cnf.dist
++ @if [ ! -f "$(DESTDIR)$(EXAMPLEDIR)/openssl.cnf" ]; then \
++ $(ECHO) "install $(SRCDIR)/apps/openssl.cnf -> $(DESTDIR)$(EXAMPLEDIR)/openssl.cnf"; \
++ cp $(SRCDIR)/apps/openssl.cnf $(DESTDIR)$(EXAMPLEDIR)/openssl.cnf; \
++ chmod 644 $(DESTDIR)$(EXAMPLEDIR)/openssl.cnf; \
+ fi
+- @$(ECHO) "install $(SRCDIR)/apps/ct_log_list.cnf -> $(DESTDIR)$(OPENSSLDIR)/ct_log_list.cnf.dist"
+- @cp $(SRCDIR)/apps/ct_log_list.cnf $(DESTDIR)$(OPENSSLDIR)/ct_log_list.cnf.new
+- @chmod 644 $(DESTDIR)$(OPENSSLDIR)/ct_log_list.cnf.new
+- @mv -f $(DESTDIR)$(OPENSSLDIR)/ct_log_list.cnf.new $(DESTDIR)$(OPENSSLDIR)/ct_log_list.cnf.dist
+- @if [ ! -f "$(DESTDIR)$(OPENSSLDIR)/ct_log_list.cnf" ]; then \
+- $(ECHO) "install $(SRCDIR)/apps/ct_log_list.cnf -> $(DESTDIR)$(OPENSSLDIR)/ct_log_list.cnf"; \
+- cp $(SRCDIR)/apps/ct_log_list.cnf $(DESTDIR)$(OPENSSLDIR)/ct_log_list.cnf; \
+- chmod 644 $(DESTDIR)$(OPENSSLDIR)/ct_log_list.cnf; \
++ @$(ECHO) "install $(SRCDIR)/apps/ct_log_list.cnf -> $(DESTDIR)$(EXAMPLEDIR)/ct_log_list.cnf.dist"
++ @cp $(SRCDIR)/apps/ct_log_list.cnf $(DESTDIR)$(EXAMPLEDIR)/ct_log_list.cnf.new
++ @chmod 644 $(DESTDIR)$(EXAMPLEDIR)/ct_log_list.cnf.new
++ @mv -f $(DESTDIR)$(EXAMPLEDIR)/ct_log_list.cnf.new $(DESTDIR)$(EXAMPLEDIR)/ct_log_list.cnf.dist
++ @if [ ! -f "$(DESTDIR)$(EXAMPLEDIR)/ct_log_list.cnf" ]; then \
++ $(ECHO) "install $(SRCDIR)/apps/ct_log_list.cnf -> $(DESTDIR)$(EXAMPLEDIR)/ct_log_list.cnf"; \
++ cp $(SRCDIR)/apps/ct_log_list.cnf $(DESTDIR)$(EXAMPLEDIR)/ct_log_list.cnf; \
++ chmod 644 $(DESTDIR)$(EXAMPLEDIR)/ct_log_list.cnf; \
+ fi
+
+ install_dev: install_runtime_libs
Home |
Main Index |
Thread Index |
Old Index