aboutsummaryrefslogblamecommitdiffstats
path: root/main/openssl/APKBUILD
blob: eda89555e0765d53a60160cdc6b4e02e622fe190 (plain) (tree)
1
2
3
4
5
6
7
8
9
10
                                            
               
             
        
                                          
                        
        


                                                  
                      
          
                 
 
                                                                               
 
                                                                 







                                                                       





                                                                       
         
 













                     


                     

                     



                     

                     



                     
 
                                    
 
           


                                





                                                                 


                                                    
 
 
         
                               
                       








                                                                
                                                                                 
                                        
                                                                                        





                                                                
                                                 
                              
                                       
                                                                  
                             
                                            
                                                              
                           
 
                                             



                       

                                                                               


                                                 






                                                                  

 

                                             
 
                                                      



                                                                      


                                                          

                                      
 






                                                                      
                                                                
                                                         

                                                             
                                                                         
                                                               


                                                                                                 




                                                                                                 
                                                                                           
                                                                                                   
                                                                                         

                                                                                             
                                                                                                         
                                                                                               


                                                                                                                                 




                                                                                                                                 
                                                                                                                           
                                                                                                                                                                   
                                                                                                                                                         

                                                                                                                                                             
                                                                                                                                                                         
                                                                                                                                                               


                                                                                                                                                                                                 




                                                                                                                                                                                                 
                                                                                                                                                                                           
# Maintainer: Timo Teras <timo.teras@iki.fi>
pkgname=openssl
pkgver=1.0.2k
pkgrel=0
pkgdesc="Toolkit for SSL v2/v3 and TLS v1"
url="http://openssl.org"
depends=
makedepends_build="perl"
makedepends_host="zlib-dev"
makedepends="$makedepends_host $makedepends_build"
depends_dev="zlib-dev"
arch="all"
license="openssl"

subpackages="$pkgname-dev $pkgname-doc libcrypto1.0:libcrypto libssl1.0:libssl"

source="http://www.openssl.org/source/${pkgname}-${pkgver}.tar.gz
	0001-fix-manpages.patch
	0002-busybox-basename.patch
	0003-use-termios.patch
	0004-fix-default-ca-path-for-apps.patch
	0005-fix-parallel-build.patch
	0006-add-ircv3-tls-3.1-extension-support-to-s_client.patch
	0007-reimplement-c_rehash-in-C.patch
	0008-maintain-abi-compat-with-no-freelist-and-regular-bui.patch
	0009-no-rpath.patch
	0010-ssl-env-zlib.patch
	1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
	1002-backport-changes-from-upstream-padlock-module.patch
	1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
	1004-crypto-engine-autoload-padlock-dynamic-engine.patch
	"

# secfixes:
#   1.0.2h-r0:
#     - CVE-2016-2107
#     - CVE-2016-2105
#     - CVE-2016-2106
#     - CVE-2016-2109
#     - CVE-2016-2176
#   1.0.2h-r1:
#     - CVE-2016-2177
#     - CVE-2016-2178
#   1.0.2h-r2:
#     - CVE-2016-2180
#   1.0.2h-r3:
#     - CVE-2016-2179
#     - CVE-2016-2182
#     - CVE-2016-6302
#     - CVE-2016-6303
#   1.0.2h-r4:
#     - CVE-2016-2181
#   1.0.2i-r0:
#     - CVE-2016-2183
#     - CVE-2016-6304
#     - CVE-2016-6306
#   1.0.2j-r0:
#     - CVE-2016-7052
#   1.0.2k-r0:
#     - CVE-2016-7055
#     - CVE-2017-3731
#     - CVE-2017-3732

_builddir="$srcdir"/$pkgname-$pkgver

prepare() {
        cd "$_builddir"
        for patch in $source; do
                case $patch in
                *.patch)
                        msg "Applying patch $patch"
                        patch -p1 -i "$srcdir"/$patch || return 1
                        ;;
                esac
        done

	# force generate apps, due to c_rehash patch
	rm -rf "$_builddir"/apps/progs.h
}

build() {
	local _target _optflags
	cd "$_builddir"

	# openssl will prepend crosscompile always core CC et al
	CC=${CC#${CROSS_COMPILE}}
	CXX=${CXX#${CROSS_COMPILE}}
	CPP=${CPP#${CROSS_COMPILE}}

	# determine target OS for openssl
	case "$CARCH" in
	x86)    _target="linux-elf" ;;
	x86_64) _target="linux-x86_64"; _optflags="enable-ec_nistp_64_gcc_128" ;;
	arm*)   _target="linux-armv4" ;;
	*)	msg "Unable to determine architecture from (CARCH=$CARCH)" ; return 1 ;;
	esac

	# Configure assumes --options are for it, so can't use
	# gcc's --sysroot fake this by overriding CC
	[ -n "$CBUILDROOT" ] && CC="$CC --sysroot=${CBUILDROOT}"

	perl ./Configure $_target --prefix=/usr \
		--libdir=lib \
		--openssldir=/etc/ssl \
		shared zlib enable-montasm enable-md2 $_optflags \
		enable-ssl2 \
		-DOPENSSL_NO_BUF_FREELISTS \
		$CPPFLAGS $CFLAGS $LDFLAGS -Wa,--noexecstack \
		|| return 1

	make && make build-shared || return 1
}

package() {
	cd "$_builddir"
	make INSTALL_PREFIX="$pkgdir" MANDIR=/usr/share/man install || return 1

	# c_rehash compat link
	ln -sf openssl "$pkgdir"/usr/bin/c_rehash

	# rename man pages that conflict with man-pages
	local m
	for m in rand.3 err.3 threads.3 passwd.1; do
		mv "$pkgdir"/usr/share/man/man${m/*.}/$m \
		   "$pkgdir"/usr/share/man/man${m/*.}/openssl-$m \
			|| return 1
	done
}

libcrypto() {
	pkgdesc="Crypto library from openssl"

	mkdir -p "$subpkgdir"/lib "$subpkgdir"/usr/lib
	for i in "$pkgdir"/usr/lib/libcrypto*; do
		mv $i "$subpkgdir"/lib/
		ln -s ../../lib/${i##*/} "$subpkgdir"/usr/lib/${i##*/}
	done
	mv "$pkgdir"/usr/lib/engines "$subpkgdir"/usr/lib/
}

libssl() {
	pkgdesc="SSL shared libraries"

	mkdir -p "$subpkgdir"/lib "$subpkgdir"/usr/lib
	for i in "$pkgdir"/usr/lib/libssl*; do
		mv $i "$subpkgdir"/lib/
		ln -s ../../lib/${i##*/} "$subpkgdir"/usr/lib/${i##*/}
	done
}

md5sums="f965fc0bf01bf882b31314b61391ae65  openssl-1.0.2k.tar.gz
ca4b7eea03af14012ca2d4e7c092db23  0001-fix-manpages.patch
67bdfe450143a41042d2c318003e963a  0002-busybox-basename.patch
84c03f201f55ca7fbfde364cfdfc9cf4  0003-use-termios.patch
9bb9dffdd871eeccc945494771302cc3  0004-fix-default-ca-path-for-apps.patch
ed6e779e9799aeb7e029929a5719e631  0005-fix-parallel-build.patch
5a5753f52b9f54f769f1ad915d0119bd  0006-add-ircv3-tls-3.1-extension-support-to-s_client.patch
106b2c7590d49a28c782cf3f5d623543  0007-reimplement-c_rehash-in-C.patch
7a2f9c883ecdfca3087062df4a68150a  0008-maintain-abi-compat-with-no-freelist-and-regular-bui.patch
28e89dd715fc4ed85e747bd7306f2970  0009-no-rpath.patch
742ee13d88b13414248f329a09f9a92d  0010-ssl-env-zlib.patch
25091afb907de2b504f8bad6bf70002c  1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
aa16c89b283faf0fe546e3f897279c44  1002-backport-changes-from-upstream-padlock-module.patch
57cca845e22c178c3b317010be56edf0  1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
2ac874d1249f5f68d8c7cd58d157d29a  1004-crypto-engine-autoload-padlock-dynamic-engine.patch"
sha256sums="6b3977c61f2aedf0f96367dcfb5c6e578cf37e7b8d913b4ecb6643c3cb88d8c0  openssl-1.0.2k.tar.gz
d9c8d3b53a237e88bb333739e9a09d25e9fe647c4bc36acff74c7d49ce56484b  0001-fix-manpages.patch
b449fb998b5f60a3a1779ac2f432b2c7f08ae52fc6dfa98bca37d735f863d400  0002-busybox-basename.patch
c3e6a9710726dac72e3eeffd78961d3bae67a480f6bde7890e066547da25cdfd  0003-use-termios.patch
1f022ccab9b2e5850f32d2ac75cb617c8ce7b803a4548ce71e82776fe5b15b67  0004-fix-default-ca-path-for-apps.patch
aa1fed25880313bd77fe06fc8a42ac65e02ac944eb4052480de2abbde7867380  0005-fix-parallel-build.patch
9baecc8024bd5004ef045c6c53537f7453029c1e273874ce639834145564ca6d  0006-add-ircv3-tls-3.1-extension-support-to-s_client.patch
c934b5d1a2cb58b5235da2dfee423f0f66bb83e1d479f511b444751899637c37  0007-reimplement-c_rehash-in-C.patch
1030f885dc76f352854a7a95d73e68cfd1479c5f9ee198d6afef6b0755ee1c81  0008-maintain-abi-compat-with-no-freelist-and-regular-bui.patch
6b7ac5c9db430d9d3e8aaf87e0e95aa8a0ef460517d6563cca24014d4d890fbc  0009-no-rpath.patch
fa2e3101ca7c6daed7ea063860d586424be7590b1cec4302bc2beee1a3c6039f  0010-ssl-env-zlib.patch
2eddcb7ab342285cb637ce6b6be143cca835f449f35dd9bb8c7b9167ba2117a7  1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
aee88a24622ce9d71e38deeb874e58435dcf8ff5690f56194f0e4a00fb09b260  1002-backport-changes-from-upstream-padlock-module.patch
c10b8aaf56a4f4f79ca195fc587e0bb533f643e777d7a3e6fb0350399a6060ea  1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
2f7c850af078a3ae71b2dd38d5d0b3964ea4262e52673e36ff33498cc6223e6c  1004-crypto-engine-autoload-padlock-dynamic-engine.patch"
sha512sums="0d314b42352f4b1df2c40ca1094abc7e9ad684c5c35ea997efdd58204c70f22a1abcb17291820f0fff3769620a4e06906034203d31eb1a4d540df3e0db294016  openssl-1.0.2k.tar.gz
80589e386fe57470818757a182f444a79050e1f19683650268d551d8aa436902b3bf565bb7a2aa8464013e50229c8bed5bb89fbd8387469cdfdcd3941eb3e5db  0001-fix-manpages.patch
2244f46cb18e6b98f075051dd2446c47f7590abccd108fbab707f168a20cad8d32220d704635973f09e3b2879f523be5160f1ffbc12ab3900f8a8891dc855c5c  0002-busybox-basename.patch
58e42058a0c8086c49d681b1e226da39a8cf8cb88c51cf739dec2ff12e1bb5d7208ac5033264b186d58e9bdfe992fe9ddb95701d01caf1824396b2cefe30c0a4  0003-use-termios.patch
c67472879a31b5dbdd313892df6d37e7c93e8c0237d406c30d50b1016c2618ead3c13277f5dc723ef1ceed092d36e3c15a9777daa844f59b9fa2b0a4f04fd9ae  0004-fix-default-ca-path-for-apps.patch
5d4191482f8bbf62c75fe6bc2d9587388022c3310703c2a913788a983b1d1406e706cf3916a5792604f0b0f220a87432d3b82b442cea9915f2abb6fdd8478fcb  0005-fix-parallel-build.patch
820d4ce1c222696fe3f1dd0d11815c06262ec230fdb174532fd507286667a0aefbf858ea5edac4245a54b950cd0556545ecd0c5cf494692a2ba131c667e7bcd5  0006-add-ircv3-tls-3.1-extension-support-to-s_client.patch
fc4e383ec85c6543e4e82520904122a5a5601c68042ece1e95a0cae95e02d89174f06f78ba2f8aacae8df16052df6ec628b568519a41706428a3fa07984cc8e3  0007-reimplement-c_rehash-in-C.patch
17ad683bb91a3a3c5bcc456c8aed7f0b42414c6de06ebafa4753af93c42d9827c9978a43d4d53d741a45df7f7895c6f6163172af57cc7b391cfd15f45ce6c351  0008-maintain-abi-compat-with-no-freelist-and-regular-bui.patch
5dbbc01985190ae1254350fb12565beb6abb916b6a7bb1f0f22d9762b1e575d124aaf9aa4cfe5f908e420978f691072d48c61a72660f09dfd6d9a2f83f862bc1  0009-no-rpath.patch
5febe20948e3f12d981e378e1f4ea538711657aacb6865a1aa91339d4a04277e250f490a1f2abc2c6f290bdc2b1bffdba1d00983b4c09f7ea983eef8163f9420  0010-ssl-env-zlib.patch
8c181760d7a149aa18d246d50f1c0438ffb63c98677b05306dfc00400ad0429b47d31e7c8d85126005c67f743d23e7a8a81174ffe98556f4caf9cf6b04d9ff17  1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
a3555440b5f544bfd6b9ad97557d8f4c1d673f6a35219f65056a72035d186be5f354717ddf9784899b602464d48657b090ade24379552d43af97609c0f48c389  1002-backport-changes-from-upstream-padlock-module.patch
6353c7a94016c20db5d683dde37775f6780952ecdb1a5f39f878d04ba37f6ad79ae10fb6d65d181d912505a5d1e22463004cd855d548b364c00b120da2b0fdbc  1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
b72436eb8d4dac42d8da76a51d46cfc03e92e162f692a7a1761201221b9c6d66b738c08270b2260f02ce47b42043538474df73a7185dd4a809dd3b14cc8af7c3  1004-crypto-engine-autoload-padlock-dynamic-engine.patch"