# Maintainer: Timo Teras global pkgname := 'openssl' global pkgver := '1.0.2l' global pkgrel := '0' global pkgdesc := '"Toolkit for SSL v2/v3 and TLS v1'" global url := '"http://openssl.org'" global depends := '' global makedepends_build := '"perl'" global makedepends_host := '"zlib-dev'" global makedepends := ""$makedepends_host $makedepends_build"" global depends_dev := '"zlib-dev'" global arch := '"all'" global license := '"openssl'" global subpackages := ""$pkgname-dbg $pkgname-dev $pkgname-doc libcrypto1.0:libcrypto libssl1.0:libssl"" global source := ""http://www.openssl.org/source/$(pkgname)-$(pkgver).tar.gz 0002-busybox-basename.patch 0003-use-termios.patch 0004-fix-default-ca-path-for-apps.patch 0005-fix-parallel-build.patch 0006-add-ircv3-tls-3.1-extension-support-to-s_client.patch 0008-maintain-abi-compat-with-no-freelist-and-regular-bui.patch 0009-no-rpath.patch 0010-ssl-env-zlib.patch 1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch 1002-backport-changes-from-upstream-padlock-module.patch 1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch "" # secfixes: # 1.0.2h-r0: # - CVE-2016-2107 # - CVE-2016-2105 # - CVE-2016-2106 # - CVE-2016-2109 # - CVE-2016-2176 # 1.0.2h-r1: # - CVE-2016-2177 # - CVE-2016-2178 # 1.0.2h-r2: # - CVE-2016-2180 # 1.0.2h-r3: # - CVE-2016-2179 # - CVE-2016-2182 # - CVE-2016-6302 # - CVE-2016-6303 # 1.0.2h-r4: # - CVE-2016-2181 # 1.0.2i-r0: # - CVE-2016-2183 # - CVE-2016-6304 # - CVE-2016-6306 global builddir := ""$srcdir"/$pkgname-$pkgver" proc build { var _target = '', _optflags = '' cd $builddir # openssl will prepend crosscompile always core CC et al global CC := $(CC#${CROSS_COMPILE}) global CXX := $(CXX#${CROSS_COMPILE}) global CPP := $(CPP#${CROSS_COMPILE}) # determine target OS for openssl matchstr $CARCH { aarch64* { _target := '"linux-aarch64'" } arm* { _target := '"linux-armv4'" } ppc64le { _target := '"linux-ppc64le'" } x86 { _target := '"linux-elf'" } x86_64 { _target := '"linux-x86_64'"; _optflags := '"enable-ec_nistp_64_gcc_128'" } s390x { _target := '"linux64-s390x'"} * { msg "Unable to determine architecture from (CARCH=$CARCH)" ; return 1 } } # Configure assumes --options are for it, so can't use # gcc's --sysroot fake this by overriding CC test -n $CBUILDROOT && global CC := ""$CC --sysroot=$(CBUILDROOT)"" perl ./Configure $_target --prefix=/usr \ --libdir=lib \ --openssldir=/etc/ssl \ shared zlib enable-montasm enable-md2 $_optflags \ -DOPENSSL_NO_BUF_FREELISTS \ $CPPFLAGS $CFLAGS $LDFLAGS -Wa,--noexecstack \ enable-ssl2 make && make build-shared } proc package { cd $builddir make INSTALL_PREFIX="$pkgdir" MANDIR=/usr/share/man MANSUFFIX=ssl install # remove the script c_rehash rm "$pkgdir"/usr/bin/c_rehash } proc libcrypto { global pkgdesc := '"Crypto library from openssl'" mkdir -p "$subpkgdir"/lib "$subpkgdir"/usr/lib for i in ["$pkgdir"/usr/lib/libcrypto*] { mv $i "$subpkgdir"/lib/ ln -s ../../lib/$(i##*/) "$subpkgdir"/usr/lib/$(i##*/) } mv "$pkgdir"/usr/lib/engines "$subpkgdir"/usr/lib/ } proc libssl { global pkgdesc := '"SSL shared libraries'" mkdir -p "$subpkgdir"/lib "$subpkgdir"/usr/lib for i in ["$pkgdir"/usr/lib/libssl*] { mv $i "$subpkgdir"/lib/ ln -s ../../lib/$(i##*/) "$subpkgdir"/usr/lib/$(i##*/) } } global sha512sums := '"047d964508ad6025c79caabd8965efd2416dc026a56183d0ef4de7a0a6769ce8e0b4608a3f8393d326f6d03b26a2b067e6e0c750f35b20be190e595e8290c0e3 openssl-1.0.2l.tar.gz 2244f46cb18e6b98f075051dd2446c47f7590abccd108fbab707f168a20cad8d32220d704635973f09e3b2879f523be5160f1ffbc12ab3900f8a8891dc855c5c 0002-busybox-basename.patch 58e42058a0c8086c49d681b1e226da39a8cf8cb88c51cf739dec2ff12e1bb5d7208ac5033264b186d58e9bdfe992fe9ddb95701d01caf1824396b2cefe30c0a4 0003-use-termios.patch c67472879a31b5dbdd313892df6d37e7c93e8c0237d406c30d50b1016c2618ead3c13277f5dc723ef1ceed092d36e3c15a9777daa844f59b9fa2b0a4f04fd9ae 0004-fix-default-ca-path-for-apps.patch 5d4191482f8bbf62c75fe6bc2d9587388022c3310703c2a913788a983b1d1406e706cf3916a5792604f0b0f220a87432d3b82b442cea9915f2abb6fdd8478fcb 0005-fix-parallel-build.patch 820d4ce1c222696fe3f1dd0d11815c06262ec230fdb174532fd507286667a0aefbf858ea5edac4245a54b950cd0556545ecd0c5cf494692a2ba131c667e7bcd5 0006-add-ircv3-tls-3.1-extension-support-to-s_client.patch 17ad683bb91a3a3c5bcc456c8aed7f0b42414c6de06ebafa4753af93c42d9827c9978a43d4d53d741a45df7f7895c6f6163172af57cc7b391cfd15f45ce6c351 0008-maintain-abi-compat-with-no-freelist-and-regular-bui.patch 5dbbc01985190ae1254350fb12565beb6abb916b6a7bb1f0f22d9762b1e575d124aaf9aa4cfe5f908e420978f691072d48c61a72660f09dfd6d9a2f83f862bc1 0009-no-rpath.patch 5febe20948e3f12d981e378e1f4ea538711657aacb6865a1aa91339d4a04277e250f490a1f2abc2c6f290bdc2b1bffdba1d00983b4c09f7ea983eef8163f9420 0010-ssl-env-zlib.patch 8c181760d7a149aa18d246d50f1c0438ffb63c98677b05306dfc00400ad0429b47d31e7c8d85126005c67f743d23e7a8a81174ffe98556f4caf9cf6b04d9ff17 1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch a3555440b5f544bfd6b9ad97557d8f4c1d673f6a35219f65056a72035d186be5f354717ddf9784899b602464d48657b090ade24379552d43af97609c0f48c389 1002-backport-changes-from-upstream-padlock-module.patch 6353c7a94016c20db5d683dde37775f6780952ecdb1a5f39f878d04ba37f6ad79ae10fb6d65d181d912505a5d1e22463004cd855d548b364c00b120da2b0fdbc 1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch'" (CommandList children: [ (Assignment keyword: Assign_None pairs: [(assign_pair lhs:(LhsName name:pkgname) op:Equal rhs:{(openssl)} spids:[3])] spids: [3] ) (Assignment keyword: Assign_None pairs: [(assign_pair lhs:(LhsName name:pkgver) op:Equal rhs:{(1.0.2l)} spids:[6])] spids: [6] ) (Assignment keyword: Assign_None pairs: [(assign_pair lhs:(LhsName name:pkgrel) op:Equal rhs:{(0)} spids:[9])] spids: [9] ) (Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (LhsName name:pkgdesc) op: Equal rhs: {(DQ ("Toolkit for SSL v2/v3 and TLS v1"))} spids: [12] ) ] spids: [12] ) (Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (LhsName name:url) op: Equal rhs: {(DQ ("http://openssl.org"))} spids: [17] ) ] spids: [17] ) (Assignment keyword: Assign_None pairs: [(assign_pair lhs:(LhsName name:depends) op:Equal rhs:{(SQ )} spids:[22])] spids: [22] ) (Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (LhsName name:makedepends_build) op: Equal rhs: {(DQ (perl))} spids: [24] ) ] spids: [24] ) (Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (LhsName name:makedepends_host) op: Equal rhs: {(DQ (zlib-dev))} spids: [29] ) ] spids: [29] ) (Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (LhsName name:makedepends) op: Equal rhs: {(DQ ($ VSub_Name "$makedepends_host") (" ") ($ VSub_Name "$makedepends_build"))} spids: [34] ) ] spids: [34] ) (Assignment keyword: Assign_None pairs: [(assign_pair lhs:(LhsName name:depends_dev) op:Equal rhs:{(DQ (zlib-dev))} spids:[41])] spids: [41] ) (Assignment keyword: Assign_None pairs: [(assign_pair lhs:(LhsName name:arch) op:Equal rhs:{(DQ (all))} spids:[46])] spids: [46] ) (Assignment keyword: Assign_None pairs: [(assign_pair lhs:(LhsName name:license) op:Equal rhs:{(DQ (openssl))} spids:[51])] spids: [51] ) (Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (LhsName name:subpackages) op: Equal rhs: { (DQ ($ VSub_Name "$pkgname") ("-dbg ") ($ VSub_Name "$pkgname") ("-dev ") ($ VSub_Name "$pkgname") ("-doc libcrypto1.0:libcrypto libssl1.0:libssl") ) } spids: [57] ) ] spids: [57] ) (Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (LhsName name:source) op: Equal rhs: { (DQ ("http://www.openssl.org/source/") (${ VSub_Name pkgname) (-) (${ VSub_Name pkgver) (".tar.gz\n") ("\t0002-busybox-basename.patch\n") ("\t0003-use-termios.patch\n") ("\t0004-fix-default-ca-path-for-apps.patch\n") ("\t0005-fix-parallel-build.patch\n") ("\t0006-add-ircv3-tls-3.1-extension-support-to-s_client.patch\n") ("\t0008-maintain-abi-compat-with-no-freelist-and-regular-bui.patch\n") ("\t0009-no-rpath.patch\n") ("\t0010-ssl-env-zlib.patch\n") ("\t1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch\n") ("\t1002-backport-changes-from-upstream-padlock-module.patch\n") ("\t1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch\n") ("\t") ) } spids: [68] ) ] spids: [68] ) (Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (LhsName name:builddir) op: Equal rhs: {(DQ ($ VSub_Name "$srcdir")) (/) ($ VSub_Name "$pkgname") (-) ($ VSub_Name "$pkgver")} spids: [164] ) ] spids: [164] ) (FuncDef name: build body: (BraceGroup children: [ (Assignment keyword: Assign_Local pairs: [ (assign_pair lhs:(LhsName name:_target) op:Equal spids:[183]) (assign_pair lhs:(LhsName name:_optflags) op:Equal spids:[185]) ] spids: [181] ) (C {(cd)} {(DQ ($ VSub_Name "$builddir"))}) (Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (LhsName name:CC) op: Equal rhs: { (BracedVarSub token: suffix_op: (StringUnary op_id: VOp1_Pound arg_word: {(${ VSub_Name CROSS_COMPILE)} ) spids: [201 207] ) } spids: [200] ) ] spids: [200] ) (Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (LhsName name:CXX) op: Equal rhs: { (BracedVarSub token: suffix_op: (StringUnary op_id: VOp1_Pound arg_word: {(${ VSub_Name CROSS_COMPILE)} ) spids: [211 217] ) } spids: [210] ) ] spids: [210] ) (Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (LhsName name:CPP) op: Equal rhs: { (BracedVarSub token: suffix_op: (StringUnary op_id: VOp1_Pound arg_word: {(${ VSub_Name CROSS_COMPILE)} ) spids: [221 227] ) } spids: [220] ) ] spids: [220] ) (Case to_match: {(DQ ($ VSub_Name "$CARCH"))} arms: [ (case_arm pat_list: [{(aarch64) (Lit_Other "*")}] action: [ (Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (LhsName name:_target) op: Equal rhs: {(DQ (linux-aarch64))} spids: [248] ) ] spids: [248] ) ] spids: [244 246 253 -1] ) (case_arm pat_list: [{(arm) (Lit_Other "*")}] action: [ (Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (LhsName name:_target) op: Equal rhs: {(DQ (linux-armv4))} spids: [260] ) ] spids: [260] ) ] spids: [256 258 265 -1] ) (case_arm pat_list: [{(ppc64le)}] action: [ (Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (LhsName name:_target) op: Equal rhs: {(DQ (linux-ppc64le))} spids: [271] ) ] spids: [271] ) ] spids: [268 269 276 -1] ) (case_arm pat_list: [{(x86)}] action: [ (Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (LhsName name:_target) op: Equal rhs: {(DQ (linux-elf))} spids: [282] ) ] spids: [282] ) ] spids: [279 280 287 -1] ) (case_arm pat_list: [{(x86_64)}] action: [ (Sentence child: (Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (LhsName name:_target) op: Equal rhs: {(DQ (linux-x86_64))} spids: [293] ) ] spids: [293] ) terminator: ) (Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (LhsName name:_optflags) op: Equal rhs: {(DQ (enable-ec_nistp_64_gcc_128))} spids: [299] ) ] spids: [299] ) ] spids: [290 291 304 -1] ) (case_arm pat_list: [{(s390x)}] action: [ (Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (LhsName name:_target) op: Equal rhs: {(DQ (linux64-s390x))} spids: [310] ) ] spids: [310] ) ] spids: [307 308 314 -1] ) (case_arm pat_list: [{(Lit_Other "*")}] action: [ (Sentence child: (C {(msg)} { (DQ ("Unable to determine architecture from (CARCH=") ($ VSub_Name "$CARCH") (")") ) } ) terminator: ) (ControlFlow token: arg_word:{(1)}) ] spids: [317 318 334 -1] ) ] spids: [235 241 337] ) (AndOr children: [ (C {(Lit_Other "[")} {(-n)} {(DQ ($ VSub_Name "$CBUILDROOT"))} {(Lit_Other "]")}) (Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (LhsName name:CC) op: Equal rhs: {(DQ ($ VSub_Name "$CC") (" --sysroot=") (${ VSub_Name CBUILDROOT))} spids: [361] ) ] spids: [361] ) ] op_id: Op_DAmp ) (C {(perl)} {(./Configure)} {($ VSub_Name "$_target")} {(--prefix) (Lit_Other "=") (/usr)} {(--libdir) (Lit_Other "=") (lib)} {(--openssldir) (Lit_Other "=") (/etc/ssl)} {(shared)} {(zlib)} {(enable-montasm)} {(enable-md2)} {($ VSub_Name "$_optflags")} {(-DOPENSSL_NO_BUF_FREELISTS)} {($ VSub_Name "$CPPFLAGS")} {($ VSub_Name "$CFLAGS")} {($ VSub_Name "$LDFLAGS")} {(-Wa) (Lit_Comma ",") (--noexecstack)} {(enable-ssl2)} ) (AndOr children:[(C {(make)})(C {(make)} {(build-shared)})] op_id:Op_DAmp) ] spids: [178] ) spids: [174 177] ) (FuncDef name: package body: (BraceGroup children: [ (C {(cd)} {(DQ ($ VSub_Name "$builddir"))}) (C {(make)} {(Lit_VarLike "INSTALL_PREFIX=") (DQ ($ VSub_Name "$pkgdir"))} {(Lit_VarLike "MANDIR=") (/usr/share/man)} {(Lit_VarLike "MANSUFFIX=") (ssl)} {(install)} ) (C {(rm)} {(DQ ($ VSub_Name "$pkgdir")) (/usr/bin/c_rehash)}) ] spids: [443] ) spids: [439 442] ) (FuncDef name: libcrypto body: (BraceGroup children: [ (Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (LhsName name:pkgdesc) op: Equal rhs: {(DQ ("Crypto library from openssl"))} spids: [490] ) ] spids: [490] ) (C {(mkdir)} {(-p)} {(DQ ($ VSub_Name "$subpkgdir")) (/lib)} {(DQ ($ VSub_Name "$subpkgdir")) (/usr/lib)} ) (ForEach iter_name: i iter_words: [{(DQ ($ VSub_Name "$pkgdir")) (/usr/lib/libcrypto) (Lit_Other "*")}] do_arg_iter: False body: (DoGroup children: [ (C {(mv)} {($ VSub_Name "$i")} {(DQ ($ VSub_Name "$subpkgdir")) (/lib/)}) (C {(ln)} {(-s)} {(../../lib/) (BracedVarSub token: suffix_op: (StringUnary op_id:VOp1_DPound arg_word:{("*") (Lit_Slash /)}) spids: [543 548] ) } {(DQ ($ VSub_Name "$subpkgdir")) (/usr/lib/) (BracedVarSub token: suffix_op: (StringUnary op_id:VOp1_DPound arg_word:{("*") (Lit_Slash /)}) spids: [554 559] ) } ) ] spids: [525 562] ) spids: [517 523] ) (C {(mv)} {(DQ ($ VSub_Name "$pkgdir")) (/usr/lib/engines)} {(DQ ($ VSub_Name "$subpkgdir")) (/usr/lib/)} ) ] spids: [487] ) spids: [483 486] ) (FuncDef name: libssl body: (BraceGroup children: [ (Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (LhsName name:pkgdesc) op: Equal rhs: {(DQ ("SSL shared libraries"))} spids: [587] ) ] spids: [587] ) (C {(mkdir)} {(-p)} {(DQ ($ VSub_Name "$subpkgdir")) (/lib)} {(DQ ($ VSub_Name "$subpkgdir")) (/usr/lib)} ) (ForEach iter_name: i iter_words: [{(DQ ($ VSub_Name "$pkgdir")) (/usr/lib/libssl) (Lit_Other "*")}] do_arg_iter: False body: (DoGroup children: [ (C {(mv)} {($ VSub_Name "$i")} {(DQ ($ VSub_Name "$subpkgdir")) (/lib/)}) (C {(ln)} {(-s)} {(../../lib/) (BracedVarSub token: suffix_op: (StringUnary op_id:VOp1_DPound arg_word:{("*") (Lit_Slash /)}) spids: [640 645] ) } {(DQ ($ VSub_Name "$subpkgdir")) (/usr/lib/) (BracedVarSub token: suffix_op: (StringUnary op_id:VOp1_DPound arg_word:{("*") (Lit_Slash /)}) spids: [651 656] ) } ) ] spids: [622 659] ) spids: [614 620] ) ] spids: [584] ) spids: [580 583] ) (Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (LhsName name:sha512sums) op: Equal rhs: { (DQ ( "047d964508ad6025c79caabd8965efd2416dc026a56183d0ef4de7a0a6769ce8e0b4608a3f8393d326f6d03b26a2b067e6e0c750f35b20be190e595e8290c0e3 openssl-1.0.2l.tar.gz\n" ) ( "2244f46cb18e6b98f075051dd2446c47f7590abccd108fbab707f168a20cad8d32220d704635973f09e3b2879f523be5160f1ffbc12ab3900f8a8891dc855c5c 0002-busybox-basename.patch\n" ) ( "58e42058a0c8086c49d681b1e226da39a8cf8cb88c51cf739dec2ff12e1bb5d7208ac5033264b186d58e9bdfe992fe9ddb95701d01caf1824396b2cefe30c0a4 0003-use-termios.patch\n" ) ( "c67472879a31b5dbdd313892df6d37e7c93e8c0237d406c30d50b1016c2618ead3c13277f5dc723ef1ceed092d36e3c15a9777daa844f59b9fa2b0a4f04fd9ae 0004-fix-default-ca-path-for-apps.patch\n" ) ( "5d4191482f8bbf62c75fe6bc2d9587388022c3310703c2a913788a983b1d1406e706cf3916a5792604f0b0f220a87432d3b82b442cea9915f2abb6fdd8478fcb 0005-fix-parallel-build.patch\n" ) ( "820d4ce1c222696fe3f1dd0d11815c06262ec230fdb174532fd507286667a0aefbf858ea5edac4245a54b950cd0556545ecd0c5cf494692a2ba131c667e7bcd5 0006-add-ircv3-tls-3.1-extension-support-to-s_client.patch\n" ) ( "17ad683bb91a3a3c5bcc456c8aed7f0b42414c6de06ebafa4753af93c42d9827c9978a43d4d53d741a45df7f7895c6f6163172af57cc7b391cfd15f45ce6c351 0008-maintain-abi-compat-with-no-freelist-and-regular-bui.patch\n" ) ( "5dbbc01985190ae1254350fb12565beb6abb916b6a7bb1f0f22d9762b1e575d124aaf9aa4cfe5f908e420978f691072d48c61a72660f09dfd6d9a2f83f862bc1 0009-no-rpath.patch\n" ) ( "5febe20948e3f12d981e378e1f4ea538711657aacb6865a1aa91339d4a04277e250f490a1f2abc2c6f290bdc2b1bffdba1d00983b4c09f7ea983eef8163f9420 0010-ssl-env-zlib.patch\n" ) ( "8c181760d7a149aa18d246d50f1c0438ffb63c98677b05306dfc00400ad0429b47d31e7c8d85126005c67f743d23e7a8a81174ffe98556f4caf9cf6b04d9ff17 1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch\n" ) ( "a3555440b5f544bfd6b9ad97557d8f4c1d673f6a35219f65056a72035d186be5f354717ddf9784899b602464d48657b090ade24379552d43af97609c0f48c389 1002-backport-changes-from-upstream-padlock-module.patch\n" ) ( "6353c7a94016c20db5d683dde37775f6780952ecdb1a5f39f878d04ba37f6ad79ae10fb6d65d181d912505a5d1e22463004cd855d548b364c00b120da2b0fdbc 1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch" ) ) } spids: [664] ) ] spids: [664] ) ] )