aboutsummaryrefslogblamecommitdiffstats
path: root/main/openssl/APKBUILD
blob: a5360e1fe3700a9c3400d4da4dc1431db8ca64a1 (plain) (tree)
1
2
3
4
5
6
7
8
9

                                            
             
                    
        
                                                    


                             
                   
                        
                                
                                                  

                                                                        
                                                              



                                                      
 
           



                     

                     
              


                     












                                                                


                                                                           








                                                                                        
                                                              



                                                 
                                           
                                                                 
                                                       
                                     
                                                            














                                      




                               
              
                                             
                                        
                                                      
                                      



                                                                      
                                                                   

 
           








                                                                      
                                                                                                                                                                    
# Maintainer: Timo Teras <timo.teras@iki.fi>
pkgname=openssl
pkgver=1.1.1d
_abiver=${pkgver%.*}
pkgrel=1
pkgdesc="Toolkit for Transport Layer Security (TLS)"
url="https://www.openssl.org"
arch="all"
license="OpenSSL"
replaces="libressl"
makedepends_build="perl"
makedepends_host="linux-headers"
makedepends="$makedepends_host $makedepends_build"
subpackages="$pkgname-dbg $pkgname-libs-static $pkgname-dev $pkgname-doc
	libcrypto$_abiver:_libcrypto libssl$_abiver:_libssl"
source="https://www.openssl.org/source/openssl-$pkgver.tar.gz"
case "$CARCH" in
s390x) options="$options !check";; # FIXME: test hangs
esac


# secfixes:
#   1.1.1d-r1:
#     - CVE-2019-1547
#     - CVE-2019-1549
#     - CVE-2019-1563
#   1.1.1b-r1:
#     - CVE-2019-1543
#   1.1.1a-r0:
#     - CVE-2018-0734
#     - CVE-2018-0735

build() {
	local _target _optflags
	cd "$builddir"

	# openssl will prepend crosscompile always core CC et al
	CC=${CC#${CROSS_COMPILE}}
	CXX=${CXX#${CROSS_COMPILE}}
	CPP=${CPP#${CROSS_COMPILE}}

	# determine target OS for openssl
	case "$CARCH" in
	aarch64*) _target="linux-aarch64" ;;
	arm*)   _target="linux-armv4" ;;
	mips64*) _target="linux64-mips64" ;;
	# explicit _optflags is needed to prevent automatic -mips3 addition
	mips*) _target="linux-mips32"; _optflags="-mips32" ;;
	ppc64le) _target="linux-ppc64le" ;;
	x86)    _target="linux-elf" ;;
	x86_64) _target="linux-x86_64"; _optflags="enable-ec_nistp_64_gcc_128" ;;
	s390x)	_target="linux64-s390x";;
	*)	msg "Unable to determine architecture from (CARCH=$CARCH)" ; return 1 ;;
	esac

	# Configure assumes --options are for it, so can't use
	# gcc's --sysroot fake this by overriding CC
	[ -n "$CBUILDROOT" ] && CC="$CC --sysroot=$CBUILDROOT"

	perl ./Configure $_target --prefix=/usr \
		--libdir=lib \
		--openssldir=/etc/ssl \
		shared no-zlib $_optflags \
		no-async no-comp no-idea no-mdc2 no-rc5 no-ec2m \
		no-sm2 no-sm4 no-ssl2 no-ssl3 no-seed \
		no-weak-ssl-ciphers \
		$CPPFLAGS $CFLAGS $LDFLAGS -Wa,--noexecstack
	make
}

check() {
	cd "$builddir"
	make test
}

package() {
	cd "$builddir"
	make DESTDIR="$pkgdir" install
	# remove the script c_rehash
	rm "$pkgdir"/usr/bin/c_rehash
}

dev() {
	default_dev
	replaces="libressl-dev"
}

_libcrypto() {
	pkgdesc="Crypto library from openssl"
	replaces="libressl2.7-libcrypto"
	mkdir -p "$subpkgdir"/lib "$subpkgdir"/usr/lib
	mv "$pkgdir"/etc "$subpkgdir"/
	for i in "$pkgdir"/usr/lib/libcrypto*; do
		mv $i "$subpkgdir"/lib/
		ln -s ../../lib/${i##*/} "$subpkgdir"/usr/lib/${i##*/}
	done
	mv "$pkgdir"/usr/lib/engines-$_abiver "$subpkgdir"/usr/lib/
}

_libssl() {
	pkgdesc="SSL shared libraries"

	mkdir -p "$subpkgdir"/lib "$subpkgdir"/usr/lib
	for i in "$pkgdir"/usr/lib/libssl*; do
		mv $i "$subpkgdir"/lib/
		ln -s ../../lib/${i##*/} "$subpkgdir"/usr/lib/${i##*/}
	done
}

sha512sums="2bc9f528c27fe644308eb7603c992bac8740e9f0c3601a130af30c9ffebbf7e0f5c28b76a00bbb478bad40fbe89b4223a58d604001e1713da71ff4b7fe6a08a7  openssl-1.1.1d.tar.gz"