aboutsummaryrefslogtreecommitdiffstats
path: root/main/libressl/APKBUILD
blob: d586a1a26cfb32b50055904883a853c1883115c7 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
# Contributor: Sören Tempel <soeren+alpine@soeren-tempel.net>
# Contributor: Orion <systmkor@gmail.com>
# Maintainer: Orion <systmkor@gmail.com>
#
# secfixes:
#   3.1.5-r0:
#     - CVE-2020-1971
#   2.7.4-r0:
#     - CVE-2018-0732
#     - CVE-2018-0495
#   2.5.3-r1:
#     - CVE-2017-8301
#
pkgname=libressl
pkgver=3.1.5
_namever=${pkgname}${pkgver%.*}
pkgrel=0
pkgdesc="Version of the TLS/crypto stack forked from OpenSSL"
url="https://www.libressl.org/"
arch="all"
license="custom"
pcprefix="libressl:" # avoid mix up with openssl pkg-config
makedepends_build="automake autoconf libtool"
makedepends_host="linux-headers"
makedepends="$makedepends_host $makedepends_build"
subpackages="$pkgname-dbg $_namever-libcrypto:_libs $_namever-libssl:_libs
	$_namever-libtls:_libs $pkgname-dev $pkgname-doc"
source="https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-$pkgver.tar.gz
	starttls-ldap.patch
	ssl-libcompat.patch
	s_client-add-options-verify_.patch
	"

prepare() {
	default_prepare

	autoreconf -vif
}

build() {
	CFLAGS="-L$CBUILDROOT/usr/lib $CFLAGS" \
	./configure \
		--build=$CBUILD \
		--host=$CHOST \
		--with-sysroot=$CBUILDROOT \
		--prefix=/usr \
		--sysconfdir=/etc \
		--mandir=/usr/share/man \
		--localstatedir=/var
	make
}

check() {
	make check
}

package() {
	make DESTDIR="$pkgdir" install
	install -Dm644 COPYING "$pkgdir"/usr/share/licenses/$pkgname/COPYING

	cd "$pkgdir"

	# /usr/bin/openssl will be replaced with openssl's binary. We provide
	# a /usr/bin/libressl binary in case something needs it.
	mv usr/bin/openssl usr/bin/libressl

	# Provided by ca-certificates-cacerts
	rm etc/ssl/cert.pem
	rmdir etc/ssl/certs

	# Provided by openssl's libcrypto1.1
	rm etc/ssl/openssl.cnf
}

_libs() {
	local name="${subpkgname#$_namever-}"
	pkgdesc="libressl $name library"
	depends=""

	mkdir -p "$subpkgdir"/lib "$subpkgdir"/usr/lib
	local f; for f in "$pkgdir"/usr/lib/$name.so.*; do
		mv $f "$subpkgdir"/lib/
		ln -s ../../lib/${f##*/} "$subpkgdir"/usr/lib/${f##*/}
	done
	if [ "$name" = "libcrypto" ]; then
		mv "$pkgdir"/etc "$subpkgdir"
	fi
}

sha512sums="b1e576a654d4f740ef466e5291344ee9a65276f2a1d4975bf93c407b8b51d78dd99f381f1d14162ed1f6b6e7f14a67ccdd377e7d9f71ef2875cc8cf17f580c51  libressl-3.1.5.tar.gz
9f1628fbc2a697b6570353920d784b161ca0a122047066d8bee15225bad1e5271aa2ed72b145506bcd4ffe58b35da2caf38c4a048db7e014dabd16b5eba44581  starttls-ldap.patch
18e72b7db28664ee4e294a4a461e48daa90be9e9323584112a5878fd56a578d02f4730c7c788f57cc39b2bc35447df0a47a4391077d764d953419890ad511d35  ssl-libcompat.patch
4c992872addbe4fd612ba9e3f859b5ba69b448aafa7676751ca7ca09bbcfc47a2a1cad468c235f8d1a65c65e8efb38f27c512a32b444346c39ec0d8dcfbcd346  s_client-add-options-verify_.patch"