diff options
| author |   Daniel Ahlberg <aliz@gentoo.org> | 2003-11-04 16:36:58 +0000 |
|---|---|---|
| committer | Daniel Ahlberg <aliz@gentoo.org> | 2003-11-04 16:36:58 +0000 |
| commit | 5eeb6f544e84724adf569037380de9f1f2878489 (patch) | |
| tree | a089155c35cbcba5a50fd65e4e21f1ad65b726cc | |
| parent | Security update (diff) | |
| download | gentoo-2-5eeb6f544e84724adf569037380de9f1f2878489.tar.gz gentoo-2-5eeb6f544e84724adf569037380de9f1f2878489.tar.bz2 gentoo-2-5eeb6f544e84724adf569037380de9f1f2878489.zip | |
Security update
| -rw-r--r-- | dev-libs/openssl/ChangeLog | 9 | ||||
| -rw-r--r-- | dev-libs/openssl/Manifest | 7 | ||||
| -rw-r--r-- | dev-libs/openssl/files/digest-openssl-0.9.6l | 1 | ||||
| -rw-r--r-- | dev-libs/openssl/files/digest-openssl-0.9.7c-r1 | 2 | ||||
| -rw-r--r-- | dev-libs/openssl/files/openssl-0.9.6l-gentoo.diff | 48 | ||||
| -rw-r--r-- | dev-libs/openssl/openssl-0.9.6l.ebuild | 105 | ||||
| -rw-r--r-- | dev-libs/openssl/openssl-0.9.7c-r1.ebuild | 168 |
7 files changed, 335 insertions, 5 deletions
diff --git a/dev-libs/openssl/ChangeLog b/dev-libs/openssl/ChangeLog index 4b76878e1ea5..d166fca1f85e 100644 --- a/dev-libs/openssl/ChangeLog +++ b/dev-libs/openssl/ChangeLog @@ -1,10 +1,15 @@ # ChangeLog for dev-libs/openssl # Copyright 2002-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/ChangeLog,v 1.55 2003/10/29 07:37:38 aliz Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/ChangeLog,v 1.56 2003/11/04 16:36:41 aliz Exp $ + +*openssl-0.9.6l (04 Nov 2003) +*openssl-0.9.7c-r1 (04 Nov 2003) + + 04 Nov 2003; Daniel AHlberg <aliz@gentoo.org> openssl-0.9.7c-r1.ebuild openssl-0.9.6l.ebuild : + Security update. 28 Oct 2003; Daniel Ahlberg <aliz@gentoo.org> openssl-0.9.7c.ebuild : Add make test to compile process. Closes #30066. - *openssl-0.9.6k-r1 (10 Oct 2003) diff --git a/dev-libs/openssl/Manifest b/dev-libs/openssl/Manifest index 3026b943193f..64716f29dcde 100644 --- a/dev-libs/openssl/Manifest +++ b/dev-libs/openssl/Manifest @@ -1,10 +1,10 @@ MD5 f110bafc5ab22d7c5529adddca5c9312 openssl-0.9.7b-r3.ebuild 4790 -MD5 cc5d4327e09d6e8dcdd73153425b93f4 openssl-0.9.6l.ebuild 3071 +MD5 32be56655c507e0c2441f98eb42a4503 openssl-0.9.6l.ebuild 3055 MD5 5bfe1187da645375b143f7490b36b4e8 openssl-0.9.7c.ebuild 4828 MD5 cc5d4327e09d6e8dcdd73153425b93f4 openssl-0.9.6k-r1.ebuild 3071 MD5 69ad81d01cbeb155e1238e208018f7bd openssl-0.9.6k.ebuild 2601 -MD5 f42aa354799fa0ad062cf62aee647738 openssl-0.9.7c-r1.ebuild 4828 -MD5 f8b826e9fdf62bbb659126f654057395 ChangeLog 9312 +MD5 5826e9d9c3f0f165002368663da938a7 openssl-0.9.7c-r1.ebuild 4833 +MD5 578cb1799fe7b95b932e92bc8adb4b8f ChangeLog 9490 MD5 37236013e0d26d43c6bff35a8a48e8ec metadata.xml 220 MD5 861241a3156c82351f2fd10fa2433c03 openssl-0.9.7b.ebuild 3318 MD5 7483d6f0412e857e9063dce4aecf2991 files/openssl-0.9.7c-gentoo.diff 936 @@ -16,6 +16,7 @@ MD5 05f27ed666e4f0927ce09b79abc606b2 files/digest-openssl-0.9.6l 67 MD5 ec3ece282da08b6e27d213ee22c00208 files/digest-openssl-0.9.7b 67 MD5 8ad6215b1b4c9d53c435ceff6b537e35 files/digest-openssl-0.9.7c 134 MD5 7483d6f0412e857e9063dce4aecf2991 files/openssl-0.9.7a-gentoo.diff 936 +MD5 cebd09d1819c07b0fab14ad90b0da884 files/openssl-0.9.6l-gentoo.diff 1591 MD5 e4af813471d470d25fb77231d324ad1c files/digest-openssl-0.9.6k-r1 67 MD5 55db5f2d56b9146b7d7cae1353a0e0c4 files/digest-openssl-0.9.7b-r3 134 MD5 f8b9ae9e3ed08f964620aa832aec4d0c files/digest-openssl-0.9.7c-r1 134 diff --git a/dev-libs/openssl/files/digest-openssl-0.9.6l b/dev-libs/openssl/files/digest-openssl-0.9.6l new file mode 100644 index 000000000000..dc14d5ce96cf --- /dev/null +++ b/dev-libs/openssl/files/digest-openssl-0.9.6l @@ -0,0 +1 @@ +MD5 843a65ddc56634f0e30a4f9474bb5b27 openssl-0.9.6l.tar.gz 2183726 diff --git a/dev-libs/openssl/files/digest-openssl-0.9.7c-r1 b/dev-libs/openssl/files/digest-openssl-0.9.7c-r1 new file mode 100644 index 000000000000..7b9fa6c555b3 --- /dev/null +++ b/dev-libs/openssl/files/digest-openssl-0.9.7c-r1 @@ -0,0 +1,2 @@ +MD5 c54fb36218adaaaba01ef733cd88c8ec openssl-0.9.7c.tar.gz 2791797 +MD5 843a65ddc56634f0e30a4f9474bb5b27 openssl-0.9.6l.tar.gz 2183726 diff --git a/dev-libs/openssl/files/openssl-0.9.6l-gentoo.diff b/dev-libs/openssl/files/openssl-0.9.6l-gentoo.diff new file mode 100644 index 000000000000..4a1632f50a4f --- /dev/null +++ b/dev-libs/openssl/files/openssl-0.9.6l-gentoo.diff @@ -0,0 +1,48 @@ +diff -r -c -C 2 openssl-0.9.6g-orig/crypto/des/fcrypt.c openssl-0.9.6g/crypto/des/fcrypt.c +*** openssl-0.9.6g-orig/crypto/des/fcrypt.c Thu Sep 26 15:20:47 2002 +--- openssl-0.9.6g/crypto/des/fcrypt.c Thu Sep 26 15:21:24 2002 +*************** +*** 62,66 **** + DES_LONG Eswap0, DES_LONG Eswap1); + +! #if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(_DARWIN) + char *crypt(const char *buf, const char *salt) + { +--- 62,66 ---- + DES_LONG Eswap0, DES_LONG Eswap1); + +! #if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(_DARWIN) && !defined(__GLIBC__) + char *crypt(const char *buf, const char *salt) + { +diff -r -c -C 2 openssl-0.9.6g-orig/test/Makefile openssl-0.9.6g/test/Makefile +*** openssl-0.9.6g-orig/test/Makefile Thu Sep 26 15:20:47 2002 +--- openssl-0.9.6g/test/Makefile Thu Sep 26 15:23:26 2002 +*************** +*** 28,32 **** + DLIBCRYPTO= ../libcrypto.a + DLIBSSL= ../libssl.a +! LIBCRYPTO= -L.. -lcrypto + LIBSSL= -L.. -lssl + +--- 28,32 ---- + DLIBCRYPTO= ../libcrypto.a + DLIBSSL= ../libssl.a +! LIBCRYPTO= -L.. -lcrypto -lcrypt + LIBSSL= -L.. -lssl + +diff -r -c -C 2 openssl-0.9.6g-orig/test/Makefile.ssl openssl-0.9.6g/test/Makefile.ssl +*** openssl-0.9.6g-orig/test/Makefile.ssl Thu Sep 26 15:20:47 2002 +--- openssl-0.9.6g/test/Makefile.ssl Thu Sep 26 15:23:26 2002 +*************** +*** 28,32 **** + DLIBCRYPTO= ../libcrypto.a + DLIBSSL= ../libssl.a +! LIBCRYPTO= -L.. -lcrypto + LIBSSL= -L.. -lssl + +--- 28,32 ---- + DLIBCRYPTO= ../libcrypto.a + DLIBSSL= ../libssl.a +! LIBCRYPTO= -L.. -lcrypto -lcrypt + LIBSSL= -L.. -lssl + diff --git a/dev-libs/openssl/openssl-0.9.6l.ebuild b/dev-libs/openssl/openssl-0.9.6l.ebuild new file mode 100644 index 000000000000..05ad50aed0a2 --- /dev/null +++ b/dev-libs/openssl/openssl-0.9.6l.ebuild @@ -0,0 +1,105 @@ +# Copyright 1999-2003 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-0.9.6l.ebuild,v 1.1 2003/11/04 16:36:41 aliz Exp $ + +inherit eutils + +S=${WORKDIR}/${P} +DESCRIPTION="Toolkit for SSL v2/v3 and TLS v1" +SRC_URI="mirror://openssl/source/${P}.tar.gz" +HOMEPAGE="http://www.openssl.org/" + +RDEPEND="virtual/glibc" +DEPEND="${RDEPEND} >=dev-lang/perl-5" +LICENSE="as-is" +SLOT="0" +KEYWORDS="~x86 ~ppc ~alpha ~sparc ~mips ~hppa ~arm" +IUSE="" + +if [ "$PROFILE_ARCH" = "sparc" -a "`uname -m`" = "sparc64" ]; then + SSH_TARGET="linux-sparcv8" +fi + +if [ "`uname -m`" = "parisc64" ]; then + SSH_TARGET="linux-parisc" +fi + +case $CHOST in + alphaev56*|alphaev6*) SSH_TARGET="linux-alpha+bwx-${CC:-gcc}" ;; + alpha*) SSH_TARGET="linux-alpha-${CC:-gcc}" ;; +esac + +src_unpack() { + unpack ${A} ; cd ${S} + + epatch ${FILESDIR}/${P}-gentoo.diff + + if [ "${ARCH}" = "mips" ] + then + cd ${S} + epatch ${FILESDIR}/openssl-0.9.6-mips.diff + fi + + if [ "${ARCH}" = "arm" ]; then + # patch linker to add -ldl or things linking aginst libcrypto fail + sed -e \ + 's!^"linux-elf-arm"\(.*\)::BN\(.*\)!"linux-elf-arm"\1:-ldl:BN\2!' \ + Configure > Configure.orig + elif [ "${ARCH}" = "hppa" ]; then + sed -e \ + 's!^"linux-parisc"\(.*\)::BN\(.*\)::!"linux-parisc"\1:-ldl:BN\2::::::::::dlfcn:linux-shared:-fPIC::.so.\\$(SHLIB_MAJOR).\\$(SHLIB_MINOR)!' \ + Configure > Configure.orig + else + cp Configure Configure.orig + fi + sed -e "s/-O3/$CFLAGS/" -e "s/-m486//" Configure.orig > Configure +} + +src_compile() { + if [ ${SSH_TARGET} ]; then + einfo "Forcing ${SSH_TARGET} compile" + ./Configure ${SSH_TARGET} --prefix=/usr \ + --openssldir=/etc/ssl shared threads || die + else + ./config --prefix=/usr --openssldir=/etc/ssl shared threads || die + fi + # i think parallel make has problems + make all || die + +} + +src_install() { + make INSTALL_PREFIX=${D} MANDIR=/usr/share/man install || die + dodoc CHANGES* FAQ LICENSE NEWS README + dodoc doc/*.txt + dohtml doc/* + insinto /usr/share/emacs/site-lisp + doins doc/c-indentation.el + + # The man pages rand.3 and passwd.1 conflict with other packages + # Rename them to ssl-* and also make a symlink from openssl-* to ssl-* + cd ${D}/usr/share/man/man1 + mv passwd.1 ssl-passwd.1 + ln -sf ssl-passwd.1 openssl-passwd.1 + cd ${D}/usr/share/man/man3 + mv rand.3 ssl-rand.3 + ln -sf ssl-rand.3 openssl-rand.3 + + # create the certs directory. Previous openssl builds + # would need to create /usr/lib/ssl/certs but this looks + # to be the more FHS compliant setup... -raker + dodir /etc/ssl/certs + +} + +pkg_postinst() { + local BN_H="${ROOT}$(gcc-config -L)/include/openssl/bn.h" + # Breaks things one some boxen, bug #13795. The problem is that + # if we have a 'gcc fixed' version in $(gcc-config -L) from 0.9.6, + # then breaks as it was defined as 'int BN_mod(...)' and in 0.9.7 it + # is a define with BN_div(...) - <azarah@gentoo.org> (24 Sep 2003) + if [ -f "${BN_H}" ] && [ -n "$(grep '^int[[:space:]]*BN_mod(' "${BN_H}")" ] + then + rm -f "${BN_H}" + fi +} diff --git a/dev-libs/openssl/openssl-0.9.7c-r1.ebuild b/dev-libs/openssl/openssl-0.9.7c-r1.ebuild new file mode 100644 index 000000000000..084d457f9bbd --- /dev/null +++ b/dev-libs/openssl/openssl-0.9.7c-r1.ebuild @@ -0,0 +1,168 @@ +# Copyright 1999-2003 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-0.9.7c-r1.ebuild,v 1.1 2003/11/04 16:36:41 aliz Exp $ + +inherit eutils flag-o-matic gcc + +if [ "$( gcc-version )" == "3.3" ]; then + filter-flags "-fprefetch-loop-arrays" +fi + +OLD_096_P="${PN}-0.9.6l" + +S="${WORKDIR}" +DESCRIPTION="Toolkit for SSL v2/v3 and TLS v1" +SRC_URI="mirror://openssl/source/${P}.tar.gz + mirror://openssl/source/${OLD_096_P}.tar.gz" +HOMEPAGE="http://www.openssl.org/" + +RDEPEND="virtual/glibc" +DEPEND="${RDEPEND} + >=dev-lang/perl-5 + >=sys-apps/sed-4" +LICENSE="as-is" +SLOT="0" + +KEYWORDS="~x86 ~ppc ~alpha ~sparc ~mips ~hppa ~arm ~amd64 ~ia64" + +src_unpack() { + unpack ${A} + + # openssl-0.9.7 + cd ${WORKDIR}/${P} + + epatch ${FILESDIR}/${P}-gentoo.diff + + if [ "${ARCH}" = "hppa" ]; then + sed -i -e \ + 's!^"linux-parisc"\(.*\)::BN\(.*\)::!"linux-parisc"\1:-ldl:BN\2::::::::::dlfcn:linux-shared:-fPIC::.so.\\$(SHLIB_MAJOR).\\$(SHLIB_MINOR)!' \ + Configure + fi + if [ "${ARCH}" = "alpha" -a "${CC}" != "ccc" ]; then + # ccc compiled openssl will break things linked against + # a gcc compiled openssl, the configure will automatically detect + # ccc and use it, so stop that if user hasnt asked for it. + sed -i -e \ + 's!CC=ccc!CC=gcc!' config + fi + + sed -i -e "s/-O3/$CFLAGS/" -e "s/-m486//" Configure + + # openssl-0.9.6 + test -f ${ROOT}/usr/lib/libssl.so.0.9.6 && { + cd ${WORKDIR}/${OLD_096_P} + + epatch ${FILESDIR}/${OLD_096_P}-gentoo.diff + + case ${ARCH} in + mips) + epatch ${FILESDIR}/openssl-0.9.6-mips.diff + ;; + arm) + # patch linker to add -ldl or things linking aginst libcrypto fail + sed -i -e \ + 's!^"linux-elf-arm"\(.*\)::BN\(.*\)!"linux-elf-arm"\1:-ldl:BN\2!' \ + Configure + ;; + hppa) + sed -i -e \ + 's!^"linux-parisc"\(.*\)::BN\(.*\)::!"linux-parisc"\1:-ldl:BN\2::::::::::dlfcn:linux-shared:-fPIC::.so.\\$(SHLIB_MAJOR).\\$(SHLIB_MINOR)!' \ + Configure + esac + + sed -i -e "s/-O3/$CFLAGS/" -e "s/-m486//" Configure + } +} + +src_compile() { + # openssl-0.9.7 + cd ${WORKDIR}/${P} + ./config --prefix=/usr --openssldir=/etc/ssl shared threads || die + einfo "Compiling ${P}" + make all || die + make test || die + + # openssl-0.9.6 + test -f ${ROOT}/usr/lib/libssl.so.0.9.6 && { + cd ${WORKDIR}/${OLD_096_P} + + if [ "$PROFILE_ARCH" = "sparc" -a "`uname -m`" = "sparc64" ]; then + SSH_TARGET="linux-sparcv8" + elif [ "`uname -m`" = "parisc64" ]; then + SSH_TARGET="linux-parisc" + fi + + case ${CHOST} in + alphaev56*|alphaev6*) + SSH_TARGET="linux-alpha+bwx-${CC:-gcc}" + ;; + alpha*) + SSH_TARGET="linux-alpha-${CC:-gcc}" ;; + esac + + if [ ${SSH_TARGET} ]; then + einfo "Forcing ${SSH_TARGET} compile" + ./Configure ${SSH_TARGET} --prefix=/usr \ + --openssldir=/etc/ssl shared threads || die + else + ./config --prefix=/usr --openssldir=/etc/ssl shared threads || die + fi + + einfo "Compiling ${OLD_096_P}" + make all || die + make test || die + } +} + +src_install() { + # openssl-0.9.7 + cd ${WORKDIR}/${P} + make INSTALL_PREFIX=${D} MANDIR=/usr/share/man install || die + dodoc CHANGES* FAQ LICENSE NEWS README + dodoc doc/*.txt + dohtml doc/* + insinto /usr/share/emacs/site-lisp + doins doc/c-indentation.el + + # create the certs directory. Previous openssl builds + # would need to create /usr/lib/ssl/certs but this looks + # to be the more FHS compliant setup... -raker + insinto /etc/ssl/certs + doins certs/*.pem + OPENSSL=${D}/usr/bin/openssl /usr/bin/perl tools/c_rehash ${D}/etc/ssl/certs + + # The man pages rand.3 and passwd.1 conflict with other packages + # Rename them to ssl-* and also make a symlink from openssl-* to ssl-* + cd ${D}/usr/share/man/man1 + mv passwd.1 ssl-passwd.1 + ln -sf ssl-passwd.1 openssl-passwd.1 + cd ${D}/usr/share/man/man3 + mv rand.3 ssl-rand.3 + ln -sf ssl-rand.3 openssl-rand.3 + + # openssl-0.9.6 + test -f ${ROOT}/usr/lib/libssl.so.0.9.6 && { + dolib.so ${WORKDIR}/${OLD_096_P}/libcrypto.so.0.9.6 + dolib.so ${WORKDIR}/${OLD_096_P}/libssl.so.0.9.6 + } +} + +pkg_postinst() { + local BN_H="${ROOT}$(gcc-config -L)/include/openssl/bn.h" + # Breaks things one some boxen, bug #13795. The problem is that + # if we have a 'gcc fixed' version in $(gcc-config -L) from 0.9.6, + # then breaks as it was defined as 'int BN_mod(...)' and in 0.9.7 it + # is a define with BN_div(...) - <azarah@gentoo.org> (24 Sep 2003) + if [ -f "${BN_H}" ] && [ -n "$(grep '^int[[:space:]]*BN_mod(' "${BN_H}")" ] + then + rm -f "${BN_H}" + fi + + test -f ${ROOT}/usr/lib/libssl.so.0.9.6 && { + einfo "You can now re-compile all packages that are linked against" + einfo "OpenSSL 0.9.6 by using revdep-rebuild from gentoolkit:" + einfo "# revdep-rebuild --soname libssl.so.0.9.6" + einfo "# revdep-rebuild --soname libcrypto.so.0.9.6" + einfo "After this, you can delete /usr/lib/libssl.so.0.9.6 and /usr/lib/libcrypto.so.0.9.6" + } +} |