From: Mike Frysinger Date: Wed, 11 Jan 2012 00:12:23 +0000 (+0000) Subject: Remove IDEA algos from USE=bindist #398439 by Ulrich Müller. Update EAPI and static... X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=4c26b97af02d948e7c29ea12e1825dc1a0a3b1cd;p=gentoo.git Remove IDEA algos from USE=bindist #398439 by Ulrich Müller. Update EAPI and static-libs dep so we can work with older versions of zlib #397695#3. Package-Manager: portage-2.2.0_alpha84/cvs/Linux x86_64 --- diff --git a/dev-libs/openssl/ChangeLog b/dev-libs/openssl/ChangeLog index 15634efe63a3..325ce359aa43 100644 --- a/dev-libs/openssl/ChangeLog +++ b/dev-libs/openssl/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for dev-libs/openssl # Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/ChangeLog,v 1.413 2012/01/04 21:44:48 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/ChangeLog,v 1.414 2012/01/11 00:12:23 vapier Exp $ + +*openssl-1.0.0f-r1 (11 Jan 2012) +*openssl-0.9.8s-r1 (11 Jan 2012) + + 11 Jan 2012; Mike Frysinger +openssl-0.9.8s-r1.ebuild, + +openssl-1.0.0f-r1.ebuild, metadata.xml: + Remove IDEA algos from USE=bindist #398439 by Ulrich Müller. Update EAPI and + static-libs dep so we can work with older versions of zlib #397695#3. *openssl-1.0.0f (04 Jan 2012) *openssl-0.9.8s (04 Jan 2012) diff --git a/dev-libs/openssl/Manifest b/dev-libs/openssl/Manifest index 0ade7ee63b1e..78ff8031dee9 100644 --- a/dev-libs/openssl/Manifest +++ b/dev-libs/openssl/Manifest @@ -21,27 +21,29 @@ DIST openssl-1.0.0e.tar.gz 4040229 RMD160 f7b7c8146592bb0924f145b1e3382b5a1d9283 DIST openssl-1.0.0f.tar.gz 4043367 RMD160 4eb32bc51a86b28f6c0c159e421786d51bf441bd SHA1 f087190fc7702f328324aaa89c297cab6e236564 SHA256 faf1eab0ef85fd6c3beca271c356b31b5cc831e2c6b7f23cf672e7ab4680fde1 DIST openssl-c_rehash.sh.1.7 4167 RMD160 c87f12c5421593d160f0cc650921c2e3412869ab SHA1 54493c80be245f2da9b7d303e49d613d376d9609 SHA256 4999ee79892f52bd6a4a7baba9fac62262454d573bbffd72685d3aae9e48cee0 EBUILD openssl-0.9.8r.ebuild 4333 RMD160 d5e1a4a4faedf3e68e20761cb2468ddcf8121f5d SHA1 cc345cc8e8bd9e9ed814d507fe4e28293bf13aa5 SHA256 a0dcfa504c84f50b4f6dfa23516050ff5b6f2d021e1ec1235fb351d7ff8089b0 +EBUILD openssl-0.9.8s-r1.ebuild 4325 RMD160 42816a8e188f8793674df720d29317bce95c787d SHA1 3be820f2168cfe930f43883b12bafd8aa6b22859 SHA256 e0450861dfa19c0f9378c13c0c02a19c530a929f255e143cf283c93d40dfdb9c EBUILD openssl-0.9.8s.ebuild 4335 RMD160 0891876b882a9bdb93fec077f686b88dd6516738 SHA1 d06380fa3e57884842c9a424adeba61243a9060a SHA256 0817080b75a3b81b6b5c7273a5847ee56fb1d832149b0a242870a4feb529aad8 EBUILD openssl-1.0.0d.ebuild 6003 RMD160 4cb7181c77cdc21ddbfb3a60d77e68b7d8f8124a SHA1 526d04deaf20e0996b8631ace4d2a31a3d0ada46 SHA256 fbba52f0436c9ec4d30d878a7be80a58e9a52adea2de309632643e38c392c4bc EBUILD openssl-1.0.0e-r1.ebuild 6925 RMD160 5d251388f5983672c41129a2bbe731aa67e91b69 SHA1 0892e7b7339149d6ad71f39b1c1491fca9ad3633 SHA256 cd2abb82067530d26ac77511b9e18fcb0e0e4374e60e5ae56f6e17c176c5e643 EBUILD openssl-1.0.0e.ebuild 5921 RMD160 f211cdbd3cd7ce275abfe77453c514a968a6cc82 SHA1 e7a8dfb4a6e273eddc492a89017ab0120d34694f SHA256 99cd020f77ab655b566faf79271411aa8400717dca6bdf4fd5bd6e5c3727e642 +EBUILD openssl-1.0.0f-r1.ebuild 6921 RMD160 144ebeeec85e276b21a16b274cb6fc35cae27217 SHA1 d711bc24aeea9baa50c1fd9fb9a1b434a72ddd53 SHA256 e193454bc1c18b899e4e9eee8090fe34e749303988494fa904ba8118792008bb EBUILD openssl-1.0.0f.ebuild 6922 RMD160 a91e88a91c36ee689442d15b779d7f9b3b31a634 SHA1 452ee8a70c0e34f577f024f5ae927e35243ad44e SHA256 0a0de0eecf49995c6094802116c1a4319261129b2263e1025d6205716803d7ec -MISC ChangeLog 62313 RMD160 5357a21ad7e568338689e9037810e13bc31cae00 SHA1 6bae8efba0a5bb4e2179f9ee04a78b8da2ed3ac1 SHA256 1d48423f24c2bf2939017479070b680e51bbffb3e8bacdc82f7e38fced42b101 -MISC metadata.xml 379 RMD160 97a0177e2e7305dfd73868b18c491fd6b7521715 SHA1 4b2524bfdcccd8edf66d3997c4a630f8f801a00b SHA256 b5da3aee1fe909f620781eed44ce964b2fcb2ec9030d2ad985cdee610c6001b7 +MISC ChangeLog 62653 RMD160 dcd95fa68dc55cf371a77545df370ebcff755795 SHA1 cf438cdc8a8f1bc3f5a0ce9e1c8ad3e955da0b01 SHA256 96654a1358a49617135f9c32be2ce6c25ec3dd6b8a72b2bdace18f265301548e +MISC metadata.xml 374 RMD160 9aeb5b3f983a6274f0aa03bd395b7d12b937ca62 SHA1 bc9aa89e74d572266aef36b2f17101098d11997d SHA256 ce29618473c02511695f6767087277e246b2d252ef6e662dbc65e9df44722f5b -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux) -iQIcBAEBAgAGBQJPBMhsAAoJELEHsLL7fEFWt2cP/2h++UnAmMtG784HJyvH8716 -HzTGiggKQCscfUMvgQceB3ksSZ7DekqEek9I69qthPbYiU4NGyD0RGF82cBG7tuP -iEH/1ZPbJsfRZMzm8WS+JFu/Uvy+XFNOtk3GutLAOs5sLS6tOvGd6fj/hSf1BZTe -QNdfnpOg8stUaNk+J8ZPrIse2oZDuB6UGETd2xPWZwyj2ExJWD4uWhFRkPV1EmU6 -f8u4QYzmpYgyNf29zvj54GzqEfmZ0Uht9oSFDPN5vW6bL5TEIGSotCASIZdaBsfW -0EnGEQoFxUnpVLtk+pi6NHbF8MXDILVK1YtMDpRU4zVRyE3avkYWWKFD+Y5mnkJA -PpV1WcsHJAVeuZ+D1y9cTn+RnYCH7b89QjvObs1f3O0ztDBzmUEkyq8Zr2cyMfpv -o3ak1CrR/3Q8fP/HTbyIUCSGUnjYhwcBhA4nu6wIx/jO2K2Lrvyi76vvh6jD+71s -1AK0m1KqKlyE4J1Sc6FTG3gUVFL709Uww/59OqragpgzRWlIKjGANImll1NoBko1 -eG5r8Cywgug5Dk4YHfMry3o4IBGsGNf59zbaIvUPT9FxfWRb4hZP0CY74eipSKbz -lIZF3UXlomMaS0A+OHlsWPmhPCWjwRasYnks2yrUhibuOxD/5RW4KhXH+2Z4CaEl -VXHnv7+rP3i/5xlVMHAZ -=Pm28 +iQIcBAEBAgAGBQJPDNPwAAoJELEHsLL7fEFWXx0QAITpJVoBhgMK7U2r1BBsXdMS +7kMeQystfcpU83XuKU798Ze6lC57oqta2MsI5GFjhvbLd3UBaQEz23srPMJdn44Z +jFvHhN1nkTG6E9xG3qSJ7leEOfKiUOzPMZ4w3/xNgah7JR2Wh0XG1UzFQwrOr8Ji +aec45Y+pywsFoIcbJxc31IZUilh1Pmxs8bXUJMoA61zP0slq+x+BJ+nzUAUoY1cn +VceS/OiuZjHCyOX86yZeuB+5N070uQ4bgc63U0VeMo1PAR3W4IyARISfjv8PMqKR +uldrI2K541PZOCkywlztw3MW7rIcdFxDbYVgZ6nuF5OKFpfJexkXpJX5QmZ068Gy +ggL7sTU2gE8V4G49ASOHWcFgBIe25ju28TRXYAEOtaDLYVNdxfUpq7P+uiODYxA8 +um0YTka+1Jcs28drT7vrJhh+gYl6YNgPEWv80xfaA3RugCsZc3Rkv8gFp6JmybKB +HhTU+CfP6NH/xTp8nFwHCjCLmBBYP4vtIP3bBhJRlzyCMCdSwc//4H48MdxdYk5d +COLZYKWkZE8RYrTttLn3uK3EedAKmlsQljsifg3lM5/2qgiiEabwfrV0eDIuqCXn +eWP9cyDawyXSZIEcnr2iTzqDfoZ59PXXQ/9Paf6mEeMvkNLExKdeWM5q12Q7hA98 +hPUvihWPdkZHct8dMAmg +=vhH7 -----END PGP SIGNATURE----- diff --git a/dev-libs/openssl/metadata.xml b/dev-libs/openssl/metadata.xml index 84e41a4bf7c2..c3a999778525 100644 --- a/dev-libs/openssl/metadata.xml +++ b/dev-libs/openssl/metadata.xml @@ -3,7 +3,7 @@ base-system - Disable EC/IDEA/RC5 algorithms (as they seem to be patented) + Disable EC/RC5 algorithms (as they seem to be patented) Enable support for RFC 3779 (X.509 Extensions for IP Addresses and AS Identifiers) diff --git a/dev-libs/openssl/openssl-0.9.8s-r1.ebuild b/dev-libs/openssl/openssl-0.9.8s-r1.ebuild new file mode 100644 index 000000000000..4c677fad08a3 --- /dev/null +++ b/dev-libs/openssl/openssl-0.9.8s-r1.ebuild @@ -0,0 +1,141 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-0.9.8s-r1.ebuild,v 1.1 2012/01/11 00:12:23 vapier Exp $ + +# this ebuild is only for the libcrypto.so.0.9.8 and libssl.so.0.9.8 SONAME for ABI compat + +EAPI="2" + +inherit eutils flag-o-matic toolchain-funcs + +DESCRIPTION="Toolkit for SSL v2/v3 and TLS v1" +HOMEPAGE="http://www.openssl.org/" +SRC_URI="mirror://openssl/source/${P}.tar.gz" + +LICENSE="openssl" +SLOT="0.9.8" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~sparc-fbsd ~x86-fbsd" +IUSE="bindist gmp kerberos sse2 test zlib" + +RDEPEND="gmp? ( dev-libs/gmp ) + zlib? ( sys-libs/zlib ) + kerberos? ( app-crypt/mit-krb5 ) + !=dev-libs/openssl-0.9.8*:0" +DEPEND="${RDEPEND} + sys-apps/diffutils + >=dev-lang/perl-5 + test? ( sys-devel/bc )" + +pkg_setup() { + # avoid collisions with openssl-1 (preserve lib) + if ! has_version dev-libs/openssl:${SLOT} ; then + ewarn "Removing lib{crypto,ssl}.so.0.9.8 to avoid collision with openssl-1" + rm -f "${ROOT}"/usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 + fi +} + +src_prepare() { + epatch "${FILESDIR}"/${PN}-0.9.8e-bsd-sparc64.patch + epatch "${FILESDIR}"/${PN}-0.9.8h-ldflags.patch #181438 + epatch "${FILESDIR}"/${PN}-0.9.8m-binutils.patch #289130 + + # disable fips in the build + # make sure the man pages are suffixed #302165 + # don't bother building man pages if they're disabled + sed -i \ + -e '/DIRS/s: fips : :g' \ + -e '/^MANSUFFIX/s:=.*:=ssl:' \ + -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ + -e $(has noman FEATURES \ + && echo '/^install:/s:install_docs::' \ + || echo '/^MANDIR=/s:=.*:=/usr/share/man:') \ + Makefile{,.org} \ + || die + # show the actual commands in the log + sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared + # update the enginedir path + sed -i \ + -e "/foo.*engines/s|/lib/engines|/$(get_libdir)/engines|" \ + Configure || die + + # allow openssl to be cross-compiled + cp "${FILESDIR}"/gentoo.config-0.9.8 gentoo.config || die "cp cross-compile failed" + chmod a+rx gentoo.config + + append-flags -fno-strict-aliasing + append-flags -Wa,--noexecstack + + sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906 + sed -i '/^"debug-steve/d' Configure # 0.9.8k shipped broken + ./config --test-sanity || die "I AM NOT SANE" +} + +src_configure() { + unset APPS #197996 + unset SCRIPTS #312551 + + tc-export CC AR RANLIB + + # Clean out patent-or-otherwise-encumbered code + # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) + # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm + # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography + # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 + # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 + + use_ssl() { use $1 && echo "enable-${2:-$1} ${*:3}" || echo "no-${2:-$1}" ; } + echoit() { echo "$@" ; "$@" ; } + + local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") + + local sslout=$(./gentoo.config) + einfo "Use configuration ${sslout:-(openssl knows best)}" + local config="Configure" + [[ -z ${sslout} ]] && config="config" + echoit \ + ./${config} \ + ${sslout} \ + $(use sse2 || echo "no-sse2") \ + enable-camellia \ + $(use_ssl !bindist ec) \ + enable-idea \ + enable-mdc2 \ + $(use_ssl !bindist rc5) \ + enable-tlsext \ + $(use_ssl gmp gmp -lgmp) \ + $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ + $(use_ssl zlib) \ + --prefix=/usr \ + --openssldir=/etc/ssl \ + shared threads \ + || die "Configure failed" + + # Clean out hardcoded flags that openssl uses + local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ + -e 's:^CFLAG=::' \ + -e 's:-fomit-frame-pointer ::g' \ + -e 's:-O[0-9] ::g' \ + -e 's:-march=[-a-z0-9]* ::g' \ + -e 's:-mcpu=[-a-z0-9]* ::g' \ + -e 's:-m[a-z0-9]* ::g' \ + ) + sed -i \ + -e "/^LIBDIR=/s|=.*|=$(get_libdir)|" \ + -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ + -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ + Makefile || die +} + +src_compile() { + # depend is needed to use $confopts + emake -j1 depend || die "depend failed" + emake -j1 build_libs || die "make build_libs failed" +} + +src_test() { + emake -j1 test || die "make test failed" +} + +src_install() { + dolib.so lib{crypto,ssl}.so.0.9.8 || die +} diff --git a/dev-libs/openssl/openssl-1.0.0f-r1.ebuild b/dev-libs/openssl/openssl-1.0.0f-r1.ebuild new file mode 100644 index 000000000000..4c7285786cb6 --- /dev/null +++ b/dev-libs/openssl/openssl-1.0.0f-r1.ebuild @@ -0,0 +1,209 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.0f-r1.ebuild,v 1.1 2012/01/11 00:12:23 vapier Exp $ + +EAPI="4" + +inherit eutils flag-o-matic toolchain-funcs + +REV="1.7" +DESCRIPTION="full-strength general purpose cryptography library (including SSL v2/v3 and TLS v1)" +HOMEPAGE="http://www.openssl.org/" +SRC_URI="mirror://openssl/source/${P}.tar.gz + http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/~checkout~/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" + +LICENSE="openssl" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~sparc-fbsd ~x86-fbsd" +IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test zlib" + +# Have the sub-libs in RDEPEND with [static-libs] since, logically, +# our libssl.a depends on libz.a/etc... at runtime. +LIB_DEPEND="gmp? ( dev-libs/gmp[static-libs(+)] ) + zlib? ( sys-libs/zlib[static-libs(+)] ) + kerberos? ( app-crypt/mit-krb5 )" +RDEPEND="static-libs? ( ${LIB_DEPEND} ) + !static-libs? ( ${LIB_DEPEND//\[static-libs(+)]} )" +DEPEND="${RDEPEND} + sys-apps/diffutils + >=dev-lang/perl-5 + test? ( sys-devel/bc )" +PDEPEND="app-misc/ca-certificates" + +src_unpack() { + unpack ${P}.tar.gz + cp "${DISTDIR}"/${PN}-c_rehash.sh.${REV} "${WORKDIR}"/c_rehash || die +} + +src_prepare() { + # Make sure we only ever touch Makefile.org and avoid patching a file + # that gets blown away anyways by the Configure script in src_configure + rm -f Makefile + + epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 + epatch "${FILESDIR}"/${PN}-1.0.0d-fbsd-amd64.patch #363089 + epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 + epatch "${FILESDIR}"/${PN}-1.0.0e-pkg-config.patch + epatch "${FILESDIR}"/${PN}-1.0.0e-parallel-build.patch + epatch "${FILESDIR}"/${PN}-1.0.0e-x32.patch + epatch_user #332661 + + # disable fips in the build + # make sure the man pages are suffixed #302165 + # don't bother building man pages if they're disabled + sed -i \ + -e '/DIRS/s: fips : :g' \ + -e '/^MANSUFFIX/s:=.*:=ssl:' \ + -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ + -e $(has noman FEATURES \ + && echo '/^install:/s:install_docs::' \ + || echo '/^MANDIR=/s:=.*:=/usr/share/man:') \ + Makefile.org \ + || die + # show the actual commands in the log + sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared + + # allow openssl to be cross-compiled + cp "${FILESDIR}"/gentoo.config-1.0.0 gentoo.config || die + chmod a+rx gentoo.config + + append-flags -fno-strict-aliasing + append-flags $(test-flags-CC -Wa,--noexecstack) + + sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906 + ./config --test-sanity || die "I AM NOT SANE" +} + +src_configure() { + unset APPS #197996 + unset SCRIPTS #312551 + unset CROSS_COMPILE #311473 + + tc-export CC AR RANLIB RC + + # Clean out patent-or-otherwise-encumbered code + # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) + # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm + # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography + # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 + # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 + + use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } + echoit() { echo "$@" ; "$@" ; } + + local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") + + local sslout=$(./gentoo.config) + einfo "Use configuration ${sslout:-(openssl knows best)}" + local config="Configure" + [[ -z ${sslout} ]] && config="config" + echoit \ + ./${config} \ + ${sslout} \ + $(use sse2 || echo "no-sse2") \ + enable-camellia \ + $(use_ssl !bindist ec) \ + enable-idea \ + enable-mdc2 \ + $(use_ssl !bindist rc5) \ + enable-tlsext \ + $(use_ssl gmp gmp -lgmp) \ + $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ + $(use_ssl rfc3779) \ + $(use_ssl zlib) \ + --prefix=/usr \ + --openssldir=/etc/ssl \ + --libdir=$(get_libdir) \ + shared threads \ + || die + + # Clean out hardcoded flags that openssl uses + local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ + -e 's:^CFLAG=::' \ + -e 's:-fomit-frame-pointer ::g' \ + -e 's:-O[0-9] ::g' \ + -e 's:-march=[-a-z0-9]* ::g' \ + -e 's:-mcpu=[-a-z0-9]* ::g' \ + -e 's:-m[a-z0-9]* ::g' \ + ) + sed -i \ + -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ + -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ + Makefile || die +} + +src_compile() { + # depend is needed to use $confopts; it also doesn't matter + # that it's -j1 as the code itself serializes subdirs + emake -j1 depend || die + emake all || die + # rehash is needed to prep the certs/ dir; do this + # separately to avoid parallel build issues. + emake rehash || die +} + +src_test() { + emake -j1 test || die +} + +src_install() { + emake INSTALL_PREFIX="${D}" install || die + dobin "${WORKDIR}"/c_rehash || die #333117 + dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el + dohtml -r doc/* + use rfc3779 && dodoc engines/ccgost/README.gost + + # This is crappy in that the static archives are still built even + # when USE=static-libs. But this is due to a failing in the openssl + # build system: the static archives are built as PIC all the time. + # Only way around this would be to manually configure+compile openssl + # twice; once with shared lib support enabled and once without. + use static-libs || rm -f "${D}"/usr/lib*/lib*.a + + # create the certs directory + dodir /etc/ssl/certs + cp -RP certs/* "${D}"/etc/ssl/certs/ || die + rm -r "${D}"/etc/ssl/certs/{demo,expired} + + # Namespace openssl programs to prevent conflicts with other man pages + cd "${D}"/usr/share/man + local m d s + for m in $(find . -type f | xargs grep -L '#include') ; do + d=${m%/*} ; d=${d#./} ; m=${m##*/} + [[ ${m} == openssl.1* ]] && continue + [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" + mv ${d}/{,ssl-}${m} + # fix up references to renamed man pages + sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} + ln -s ssl-${m} ${d}/openssl-${m} + # locate any symlinks that point to this man page ... we assume + # that any broken links are due to the above renaming + for s in $(find -L ${d} -type l) ; do + s=${s##*/} + rm -f ${d}/${s} + ln -s ssl-${m} ${d}/ssl-${s} + ln -s ssl-${s} ${d}/openssl-${s} + done + done + [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" + + dodir /etc/sandbox.d #254521 + echo 'SANDBOX_PREDICT="/dev/crypto"' > "${D}"/etc/sandbox.d/10openssl + + diropts -m0700 + keepdir /etc/ssl/private +} + +pkg_preinst() { + has_version ${CATEGORY}/${PN}:0.9.8 && return 0 + preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 +} + +pkg_postinst() { + ebegin "Running 'c_rehash ${ROOT}etc/ssl/certs/' to rebuild hashes #333069" + c_rehash "${ROOT}etc/ssl/certs" >/dev/null + eend $? + + has_version ${CATEGORY}/${PN}:0.9.8 && return 0 + preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 +}