summaryrefslogtreecommitdiff
path: root/dev-libs
diff options
context:
space:
mode:
Diffstat (limited to 'dev-libs')
-rw-r--r--dev-libs/Manifest.gzbin100679 -> 100680 bytes
-rw-r--r--dev-libs/apache-arrow/Manifest2
-rw-r--r--dev-libs/apache-arrow/apache-arrow-18.1.0.ebuild127
-rw-r--r--dev-libs/ell/Manifest2
-rw-r--r--dev-libs/ell/ell-0.71.ebuild59
-rw-r--r--dev-libs/libburn/Manifest2
-rw-r--r--dev-libs/libburn/libburn-1.5.6-r1.ebuild5
-rw-r--r--dev-libs/liblogging/Manifest2
-rw-r--r--dev-libs/liblogging/liblogging-1.0.7.ebuild6
-rw-r--r--dev-libs/libzia/Manifest3
-rw-r--r--dev-libs/libzia/files/libzia-4.64-musl-strerror_r.patch14
-rw-r--r--dev-libs/libzia/libzia-4.64-r1.ebuild (renamed from dev-libs/libzia/libzia-4.64.ebuild)4
-rw-r--r--dev-libs/openssl/Manifest11
-rw-r--r--dev-libs/openssl/openssl-3.1.6.ebuild283
-rw-r--r--dev-libs/openssl/openssl-3.1.7.ebuild284
-rw-r--r--dev-libs/openssl/openssl-3.2.2.ebuild302
-rw-r--r--dev-libs/openssl/openssl-3.2.3.ebuild302
-rw-r--r--dev-libs/openssl/openssl-3.3.1-r3.ebuild311
18 files changed, 220 insertions, 1499 deletions
diff --git a/dev-libs/Manifest.gz b/dev-libs/Manifest.gz
index ad90990250f8..88601e5a176c 100644
--- a/dev-libs/Manifest.gz
+++ b/dev-libs/Manifest.gz
Binary files differ
diff --git a/dev-libs/apache-arrow/Manifest b/dev-libs/apache-arrow/Manifest
index 051c712f14a3..6dfd927c46ed 100644
--- a/dev-libs/apache-arrow/Manifest
+++ b/dev-libs/apache-arrow/Manifest
@@ -1,5 +1,7 @@
DIST apache-arrow-18.0.0.tar.gz 19113236 BLAKE2B c358f8e61155432540a4002c6dfba7a3763d934a43eddae0a9a6f98bb26879df51e3cdcc64db6dd684ffde2ef8ef6dcff8906355b5769f71afae907aa1e920c5 SHA512 4df30ab5561da695eaa864422626b9898555d86ca56835c3b8a8ca93a1dbaf081582bb36e2440d1daf7e1dd48c76941f1152a4f25ce0dbcc1c2abe244a00c05e
+DIST apache-arrow-18.1.0.tar.gz 19132388 BLAKE2B 4a8c60d8a5dcf2b8ac4e2ae3a7f555dd0604d5ccc4b72ba317f18e16e75725b24553050fe88a02f382b0581310f20d0b795133b243f2851fa0e8d3801a839358 SHA512 7249c03a6097bc64fb0092143e4d4aaef3227565147e6254f026ddd504177c8dd565a184a0df39743dc989070dc3785e5b66f738c8e310ed9c982b61c2ec4914
DIST arrow-testing-4d209492d514c2d3cb2d392681b9aa00e6d8da1c.tar.gz 3572558 BLAKE2B fe5b6a46babbde8e2becefea09fecf090201a49faa7d4ee2f44b0bb4da42c344b37564999d32fdbd54a81a56c33fbde9b2d9d2fa664bf127cb5661e845fb6229 SHA512 6758ad936e1eeb2c5dd2b4b40fe90822a48a4ce67ee4d36657c168e1db5d9a17c092f4cf571b13d56b568a773515385441874d1ea36a1f6e5b15a99f67176fa3
DIST parquet-testing-cb7a9674142c137367bf75a01b79c6e214a73199.tar.gz 1068025 BLAKE2B 0fdd12d04108b27b17564c60ca36e751453f5d74cfbbe3a076e8befa1696aa0f093e2d1a5eacb99e69a98deda502930ba79b8329403af1e8b9d696e6617c6075 SHA512 dd221d9d59442cebb7158d7cf769d6e5323416bfcde2852eee37a26ff089bc04ea10b9ae7158a37d8694c10469d77c7d251d0dd2549596a7b3899d9c39b45997
EBUILD apache-arrow-18.0.0.ebuild 2988 BLAKE2B 2cbbb8d48ccf1f166255fef3cd83b6954070e166fbc92b25feaca9a205eacfd49dd20a4e4b84b3caa9e42d89d0a33eb3f0f74165e9d966ee82348aa28261b611 SHA512 56ea0d4ccdac63dcfe1640d6e9157cde776b12346ff876c3188dbf25fceb7c56163644aba89a7396571ffeaa477bc256cac811b5f72580eb0602a6de10a4596f
+EBUILD apache-arrow-18.1.0.ebuild 2991 BLAKE2B 3c43f97a77bbef0d3df69bb6e38b68603904eb00624eb712fd5b835ff971d85563f797b97c8f31eae9652e1e3ca19bafafa946ce2e057358df5792dc3eaab74a SHA512 58d8b41f7295b58e39d4c02bec4369e49f2c35509630835e543d043f60708ef62d902d620e6eaf676f882afcdc122e7c99b2ec5800f5cc54645a15f0ad03ffa3
MISC metadata.xml 912 BLAKE2B bffeb1e6d52455313e89396d9b1821fd7d5064e887213d13ae933ef8185318a40095c1623f3793f62d296ecb1afed591614fadc2ca3f75332df1e5a2f5a28d84 SHA512 11fb4dfe0e8c938e6bf3e7e53d1dccee08d80ba32396ac454226827e7c4ed2db70c53812060a9478e359fb2c48c221a05b3632409d73f2659b2117b7c56e8e51
diff --git a/dev-libs/apache-arrow/apache-arrow-18.1.0.ebuild b/dev-libs/apache-arrow/apache-arrow-18.1.0.ebuild
new file mode 100644
index 000000000000..6a952147632e
--- /dev/null
+++ b/dev-libs/apache-arrow/apache-arrow-18.1.0.ebuild
@@ -0,0 +1,127 @@
+# Copyright 2023-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit cmake
+
+# arrow.git: testing
+ARROW_DATA_GIT_HASH=4d209492d514c2d3cb2d392681b9aa00e6d8da1c
+# arrow.git: cpp/submodules/parquet-testing
+PARQUET_DATA_GIT_HASH=cb7a9674142c137367bf75a01b79c6e214a73199
+
+DESCRIPTION="A cross-language development platform for in-memory data."
+HOMEPAGE="
+ https://arrow.apache.org/
+ https://github.com/apache/arrow/
+"
+SRC_URI="
+ mirror://apache/arrow/arrow-${PV}/${P}.tar.gz
+ test? (
+ https://github.com/apache/parquet-testing/archive/${PARQUET_DATA_GIT_HASH}.tar.gz
+ -> parquet-testing-${PARQUET_DATA_GIT_HASH}.tar.gz
+ https://github.com/apache/arrow-testing/archive/${ARROW_DATA_GIT_HASH}.tar.gz
+ -> arrow-testing-${ARROW_DATA_GIT_HASH}.tar.gz
+ )
+"
+S="${WORKDIR}/${P}/cpp"
+
+LICENSE="Apache-2.0"
+SLOT="0/$(ver_cut 1)"
+KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~loong ~riscv ~s390 ~x86"
+IUSE="
+ +brotli bzip2 compute dataset +json lz4 +parquet re2 +snappy ssl
+ test zlib zstd
+"
+REQUIRED_USE="
+ test? (
+ json
+ parquet? ( zstd )
+ )
+ ssl? ( json )
+"
+RESTRICT="!test? ( test )"
+
+RDEPEND="
+ brotli? ( app-arch/brotli:= )
+ bzip2? ( app-arch/bzip2:= )
+ compute? ( dev-libs/libutf8proc:= )
+ dataset? (
+ dev-libs/libutf8proc:=
+ )
+ lz4? ( app-arch/lz4:= )
+ parquet? (
+ dev-libs/libutf8proc:=
+ dev-libs/thrift:=
+ ssl? ( dev-libs/openssl:= )
+ )
+ re2? ( dev-libs/re2:= )
+ snappy? ( app-arch/snappy:= )
+ zlib? ( sys-libs/zlib:= )
+ zstd? ( app-arch/zstd:= )
+"
+DEPEND="
+ ${RDEPEND}
+ dev-cpp/xsimd
+ >=dev-libs/boost-1.81.0
+ json? ( dev-libs/rapidjson )
+ test? (
+ dev-cpp/gflags
+ dev-cpp/gtest
+ )
+"
+
+src_prepare() {
+ # use Gentoo CXXFLAGS, specify docdir at src_configure.
+ sed -i \
+ -e '/SetupCxxFlags/d' \
+ -e '/set(ARROW_DOC_DIR.*)/d' \
+ CMakeLists.txt \
+ || die
+ cmake_src_prepare
+}
+
+src_configure() {
+ local mycmakeargs=(
+ -DARROW_BUILD_STATIC=OFF
+ -DARROW_BUILD_TESTS=$(usex test)
+ -DARROW_COMPUTE=$(usex compute)
+ -DARROW_CSV=ON
+ -DARROW_DATASET=$(usex dataset)
+ -DARROW_DEPENDENCY_SOURCE=SYSTEM
+ -DARROW_DOC_DIR=share/doc/${PF}
+ -DARROW_FILESYSTEM=ON
+ -DARROW_HDFS=ON
+ -DARROW_JEMALLOC=OFF
+ -DARROW_JSON=$(usex json)
+ -DARROW_PARQUET=$(usex parquet)
+ -DPARQUET_REQUIRE_ENCRYPTION=$(usex ssl)
+ -DARROW_USE_CCACHE=OFF
+ -DARROW_USE_SCCACHE=OFF
+ -DARROW_WITH_BROTLI=$(usex brotli)
+ -DARROW_WITH_BZ2=$(usex bzip2)
+ -DARROW_WITH_LZ4=$(usex lz4)
+ -DARROW_WITH_RE2=$(usex re2)
+ -DARROW_WITH_SNAPPY=$(usex snappy)
+ -DARROW_WITH_ZLIB=$(usex zlib)
+ -DARROW_WITH_ZSTD=$(usex zstd)
+ -DCMAKE_CXX_STANDARD=17
+ )
+ cmake_src_configure
+}
+
+src_test() {
+ local -x PARQUET_TEST_DATA="${WORKDIR}/parquet-testing-${PARQUET_DATA_GIT_HASH}/data"
+ local -x ARROW_TEST_DATA="${WORKDIR}/arrow-testing-${ARROW_DATA_GIT_HASH}/data"
+ cmake_src_test
+}
+
+src_install() {
+ cmake_src_install
+ if use test; then
+ cd "${D}"/usr/$(get_libdir) || die
+ rm -r cmake/ArrowTesting || die
+ rm libarrow_testing* || die
+ rm pkgconfig/arrow-testing.pc || die
+ fi
+}
diff --git a/dev-libs/ell/Manifest b/dev-libs/ell/Manifest
index 2a4fca8adbda..18aed6e701da 100644
--- a/dev-libs/ell/Manifest
+++ b/dev-libs/ell/Manifest
@@ -4,8 +4,10 @@ AUX 0.70/0003-dbus-fix-std-c23-build-failure.patch 1504 BLAKE2B 622532f77ac5342f
AUX 0.70/0004-test-rtnl-fix-std-c23-build-failure.patch 1816 BLAKE2B 452b4e09ffc2bfd40cb653d1258b11a55aaddb3261c84cc627338edc781ad2e10ad647cde6b76f5ed461c5d890bf4299599971fcdcde3c375194c321f4a19b05 SHA512 ceeb9a29c79ca718c1150f3d5738ade94aa52c92d6a88eb33d481a136c3f627312c8c2f291123ace72c277ed1417722969c214746a48d2677d19fe8b45e2aeec
DIST ell-0.69.tar.xz 574172 BLAKE2B 3d28392b6cb378a8512667172598ec3cf9b5eeb5f68c65b43a939636a23a03d8f168b500171c4e1224e97bc072e88e9d57e5f02a9d5cbf489d684537070cfeef SHA512 9631b364ba48f984b104cf1091a4dbf10f675b04f58b555f55249d3fec6610c3ccf6e1b0197e807e843b179a39f22c33b8e2a58c4dbcff91bb8c6ce628618f65
DIST ell-0.70.tar.xz 574184 BLAKE2B eee4c9a6bb3a7f2f04c91cca732a1f6aea86eef2006f22bf6e418fbe0ad2301cdead991cd9e46e8ca75178a5fcc7d7db5430dad2dfabe68490def77e0e51ed90 SHA512 9f6613ccd4bc54e75227863adf213d96068305b22bb47049b97ff801b468c8cd828be350f2b8edb27a2fee33a76cba563e53ce17af181ca483917503e9a1932c
+DIST ell-0.71.tar.xz 574408 BLAKE2B ccd0f15504621c183b9f3e8d109f1f66c23d88b2e0773efc2347fabd147e2f45cca53fc49b4e972a9cf57d3623361bee2eb6864a19523624cb1ca0b4203556f2 SHA512 2e75dda61185d545edfc60157ff94cff6562e6fd4580d2613e189651f4cfc0a1fa6e1408275a790c37705073e67607778a4fdf0200faee7d9b0e25b2bcbf659d
EBUILD ell-0.69.ebuild 1296 BLAKE2B 7e4c0ceaf74a57f4b836d660faa7a4aef7f034c1a5155da65118a0de788c4601de9e0207a6f84ce9390a1191eab5639bd4dcc8c537da3bbacb094bc81f3c02a1 SHA512 3adcd7393a5ffac5058332a606d12726462b5dce125845fbf170e5b2ec5770d2298261d618026ba4d29f725d4ba9f92d0ff7d6712635e792841e7719dc679ebe
EBUILD ell-0.70-r1.ebuild 1335 BLAKE2B eb098818e5b4e008653578635d681b4a6a440804561ad8775d094fc7c041819bb54530fea89ba0cee55a04d068211ed5a49a624c764ab1c850e23dcee54b2b70 SHA512 52899d05f2ea1fd7c2d593df8d4c358073ae4858ae812a2babd3b5c38a497e134030d176abed23aa0f666aac90fd4a563beb31356e9100d925bec1edcf4a36c5
EBUILD ell-0.70.ebuild 1302 BLAKE2B 9b757deb5c5cd80cee0bbd102f69025b115323e5da2e0724210c8ba36c2d46c01b0a9ef07e0a833e06d4594885608ecac5d428c9de4631bf5e58351e0523f550 SHA512 feed44637824b5de817a7dd7f541f03684a29f2a87d608ddb4b19b99f7e199fa42fc0cf5ad2d53238042bb325d08b5bbd039f6d966011c276ed2035ddbea9575
+EBUILD ell-0.71.ebuild 1302 BLAKE2B 9b757deb5c5cd80cee0bbd102f69025b115323e5da2e0724210c8ba36c2d46c01b0a9ef07e0a833e06d4594885608ecac5d428c9de4631bf5e58351e0523f550 SHA512 feed44637824b5de817a7dd7f541f03684a29f2a87d608ddb4b19b99f7e199fa42fc0cf5ad2d53238042bb325d08b5bbd039f6d966011c276ed2035ddbea9575
EBUILD ell-9999.ebuild 1205 BLAKE2B e1dd3bc3e8d0da0757b52ef4af94cb63b2336f5a1524198532e757f10f2825c5d2663c6b5ea431c8a9d75344dbacd5536786867243292c434a136a4f92380753 SHA512 1d8d958b73087fb3dea18458fb72c08fa4ad7dce7e9173183ceef10a80f1a4186a3c9c62ebfccf4b6f622069570f69c473c46d5474a4fc834060952c160b3c29
MISC metadata.xml 251 BLAKE2B a9af03a4a233a890a554ab68f1876580e3720a72c1f946ea6dbb82c49afd94243ea4017cd8a392fa2adea53c588646fd0ebccb948dde0340ec2ff05c0381fb99 SHA512 0837c31655f6a725b0fad20c8998a3a4645dc8049e14980b0097776cf59b4288276489dfddc149893f29844175eeb187a54af7d28690de4afe18ef9fd4c1f98f
diff --git a/dev-libs/ell/ell-0.71.ebuild b/dev-libs/ell/ell-0.71.ebuild
new file mode 100644
index 000000000000..3bc689c9a7c9
--- /dev/null
+++ b/dev-libs/ell/ell-0.71.ebuild
@@ -0,0 +1,59 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit flag-o-matic linux-info
+
+DESCRIPTION="Embedded Linux Library provides core, low-level functionality for system daemons"
+HOMEPAGE="https://git.kernel.org/pub/scm/libs/ell/ell.git"
+if [[ "${PV}" == *9999 ]] ; then
+ inherit autotools git-r3
+ EGIT_REPO_URI="https://git.kernel.org/pub/scm/libs/ell/ell.git"
+else
+ SRC_URI="https://mirrors.edge.kernel.org/pub/linux/libs/${PN}/${P}.tar.xz"
+ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~mips ~ppc ~ppc64 ~riscv ~sparc ~x86"
+fi
+LICENSE="LGPL-2.1+"
+SLOT="0"
+
+IUSE="pie test"
+RESTRICT="!test? ( test )"
+
+DEPEND="test? ( sys-apps/dbus )"
+
+CONFIG_CHECK="
+ ~TIMERFD
+ ~EVENTFD
+ ~CRYPTO_USER_API
+ ~CRYPTO_USER_API_HASH
+ ~CRYPTO_MD5
+ ~CRYPTO_SHA1
+ ~KEY_DH_OPERATIONS
+"
+
+src_prepare() {
+ default
+ sed -i -e "s#/tmp/ell-test-bus#/tmp/ell-test-bus-$(uuidgen)#" \
+ unit/test-dbus*.c unit/dbus.conf || die
+ [[ "${PV}" == *9999 ]] && eautoreconf
+}
+
+src_configure() {
+ append-cflags "-fsigned-char" #662694
+ local myeconfargs=(
+ $(use_enable pie)
+ )
+ econf "${myeconfargs[@]}"
+}
+
+src_install() {
+ default
+
+ find "${ED}" -name "*.la" -delete || die
+}
+
+src_test() {
+ # New dbus tests fail with >3 jobs, this should get fixed soon
+ emake -j1 check
+}
diff --git a/dev-libs/libburn/Manifest b/dev-libs/libburn/Manifest
index 876694e0544c..6c574f513073 100644
--- a/dev-libs/libburn/Manifest
+++ b/dev-libs/libburn/Manifest
@@ -1,3 +1,3 @@
DIST libburn-1.5.6.tar.gz 995353 BLAKE2B 2c4b2e0a191c2a02327177bc5acd418d14a0c6eb9de065de171b0c4240a8bd7746ab2fd775fa1f0433bc1fe98dd47620524ec2954f4aa0f2015557cf881a5d3f SHA512 549cb25310aac5ce445639374d84f0c09fb1fdd70be97479588775e5afcc12dd0655c5bf51bd3f1bf8c06a66b318fd1e709dcfd72845e795ffaf353ea621accd
-EBUILD libburn-1.5.6-r1.ebuild 982 BLAKE2B 4ddad1162dabc285e25f635dece95afe808d7240213f0652ee3550833e7a7bd2db012c0852a5912c45bac4d089b488935b6c22283595b8d20f86debcb5915004 SHA512 917567667c4a443f6ed01885199384041d6bec3c1bf407e7e24d1a2b9134fa20cd9ebd7fa9b1cb5c3a65c2727f8fbe222b12e6d40ee92ad593178e5728b86f2f
+EBUILD libburn-1.5.6-r1.ebuild 1037 BLAKE2B 91ec3579e75f6999e9755120399363303d499ce75a4295779aad3a11bf018b1b6fbc4b25c102493ffd29d76d8bc4d281e69b5ffc3d688e1d14c228905069677e SHA512 1bada708cf6bb114ebcfc9fdcdb632b9209945a5ef12cc8716c7a0d7d6ed33441e970e76c850dab7a46bb0ebf6821593b13ded3bfadbc87fb5d12adc08625b95
MISC metadata.xml 244 BLAKE2B 81e7bffb2ab3a3015b9a90bb48d0f62a65b55840b50a77f41b24961c3d9f682405c866b25a88c900785d60f669e60791607921808b988ab3ae525e31933e6067 SHA512 d4a328a1ed124445554a4a6f16cd5d9021314f6f4634c9e2866a68ca318220889554603e405c7aba69e9135cb5848de9bbf361f923fd3c0a5a6c803345351b93
diff --git a/dev-libs/libburn/libburn-1.5.6-r1.ebuild b/dev-libs/libburn/libburn-1.5.6-r1.ebuild
index bfc39f3c7a9b..caa8712f3c7b 100644
--- a/dev-libs/libburn/libburn-1.5.6-r1.ebuild
+++ b/dev-libs/libburn/libburn-1.5.6-r1.ebuild
@@ -3,7 +3,7 @@
EAPI=8
-inherit autotools
+inherit autotools flag-o-matic
DESCRIPTION="Open-source library for reading, mastering and writing optical discs"
HOMEPAGE="https://dev.lovelyhq.com/libburnia/web/wiki/Libburn"
@@ -29,6 +29,9 @@ src_prepare() {
}
src_configure() {
+ # bug #943701
+ append-cflags -std=gnu17
+
econf \
$(use_enable static-libs static) \
--disable-ldconfig-at-install \
diff --git a/dev-libs/liblogging/Manifest b/dev-libs/liblogging/Manifest
index d9367671fd16..020ac79a7bec 100644
--- a/dev-libs/liblogging/Manifest
+++ b/dev-libs/liblogging/Manifest
@@ -2,5 +2,5 @@ DIST liblogging-1.0.6.tar.gz 593393 BLAKE2B c2ca93225b7594c2c064f14e83f475cf2f3d
DIST liblogging-1.0.7.gh.tar.gz 288035 BLAKE2B 85530ccd3ef42c0c28e6f5edf43ee4ff7af5d4707f03cf08d03b1122f0c942cf97a13ff13eb79325f3aab7b4edfe9da0c313a3327ae422cef0fe763ff444ed53 SHA512 74e86b093831a9a08d8868d3828654a47c3a8d03a0dc6d9345deba9d55aca6daa391b4c53d0efe61012ceee131b75b88b302dde906cd485f54a89e823963247e
EBUILD liblogging-1.0.6-r1.ebuild 834 BLAKE2B d7cfeffebf66a42c37949aabe3cc6cf6ae3a6a69703e90d005bdd636cf5c4663fac8132e6f2223c8483edd0f3c356497988c7c3a2f310834eee2274d04bc7aef SHA512 eaf50442fb3b78bd583469440a7e3e0a858a318d2d40844a7aba16d954f7108ddbdee9872653949c1a1e541d2b90f946b13a6e96b19f61be80fdf8e96ed47fab
EBUILD liblogging-1.0.6.ebuild 810 BLAKE2B 4015df99b46b43fad2befc7d5ee3b12902f42e11eedfb1ac804951d0947dc2d1fed913c4b618b6c35416f498e226289dffd9f5a8e9c204ec1cb1c715faf67075 SHA512 8c06267b26c322caa53260dffe886aa074d69bfef0509e179a206f9c970001112c9895197b91e96dc8d95d231c1ceb1647c8114753d3a325a716cae12bb6abef
-EBUILD liblogging-1.0.7.ebuild 1024 BLAKE2B 1e1a3ad3961353c6cf8099e1a8124803b74310cb9b4ecef314334d1b03b460210575f255e145c4bc268ebef62f500c72b83333fb31e743df9d784eaa93be3d43 SHA512 4e78a8b1c0d21e05095b89c3eecc5bb6e5e35de1eb6bec683452b587ed58cddd6c322f078dc82772271a4aa7e84ba0be78f517829f15e0176b9d48ccb1bafa42
+EBUILD liblogging-1.0.7.ebuild 1104 BLAKE2B b78be4f889f0e0bde0aef9b6795b28331e3d6a2ace6e7c3bb15310b516848ae1081c49ac715d1d65203e2f6a44625581f87571620b736eb0f904cb70fa848959 SHA512 e1f880bcf2e2e84a9890b0b70ffb9609b771d782b4add98e862a9d5d575c29f5ad6364346f68907dc934cb3f9f4141e70eec80a2a6e6308052e1c2f41f75623a
MISC metadata.xml 682 BLAKE2B 565139039edf76c80ead1408b674406dbdeb05bdb5a8cf800a79e4dc318445ede30d4c93e6e9987e7752add7dbfff2d0210e1ae17050481fea075401de12fed2 SHA512 a1649c3eb172a5e587a86b42117f032a2ee906d6eebaa6a056537cbafd9c4c92cb2d0ed7e134e6f487d1d533aff8ab8a57eb8d26a7f4933afaa6c2b84681b2c9
diff --git a/dev-libs/liblogging/liblogging-1.0.7.ebuild b/dev-libs/liblogging/liblogging-1.0.7.ebuild
index 9d945e871e28..7ca31ea77f45 100644
--- a/dev-libs/liblogging/liblogging-1.0.7.ebuild
+++ b/dev-libs/liblogging/liblogging-1.0.7.ebuild
@@ -17,7 +17,11 @@ IUSE="systemd"
RDEPEND="systemd? ( sys-apps/systemd )"
DEPEND="${RDEPEND}"
-BDEPEND="virtual/pkgconfig"
+# Can drop docutils dep if/when release tarballs return
+BDEPEND="
+ dev-python/docutils
+ virtual/pkgconfig
+"
DOCS=( ChangeLog )
diff --git a/dev-libs/libzia/Manifest b/dev-libs/libzia/Manifest
index d1ccb912734d..49f9dda5280c 100644
--- a/dev-libs/libzia/Manifest
+++ b/dev-libs/libzia/Manifest
@@ -1,5 +1,6 @@
+AUX libzia-4.64-musl-strerror_r.patch 642 BLAKE2B b71edcb7676a8337a7793c6296f0d8155a66eea83b76bcd961171ece923824b9b24d30470047c66bc9b4f719b87e30a6c41f5cc29fc9003af7cf8e9643423aff SHA512 91c7aba0f5e40fad0e0392b026dd9f277b834f61853cf08948225e777caadec51c68746488cb90199e51dc332d75ec6cd7aa0f2d5318014573ca847e3a4ffa06
DIST libzia-4.61.tar.gz 649569 BLAKE2B 992f7d7a4f2a7497d490a32b04c2f67e45aef361d4f55bd24ab873b3a422f2bd2a23501c275d6771459b5ebe5d169fc28123a4fd328f0977a639fa92991ba62b SHA512 210104a16846b4bbae51e91cd88428cb8b6f487a6bc234a8a7351d03865ff968bf75d102dfe5657f9fc1c181e2071a4e4ab6be0e22da277188f3ab9752ea789d
DIST libzia-4.64.tar.gz 655073 BLAKE2B 7ec3397565d441d7f820bda9b73e1051031e30bea6111e28cc2073cd1ea49be237c35c1eb358671b1930de74e0e2f3ff4beb476676ce9b9bef608a9f39da5ca3 SHA512 5e520fb1e1782e919c727e6056ae1e979c9774e9a994267c9eabe86f4a5b9c62d11639b59735e236cc36fa42e319418e4cbe12a2e41c47d5040ed6c1d7929192
EBUILD libzia-4.61.ebuild 1192 BLAKE2B ad0b154d8494e3b7415eaa8dc6f1d421196fd13da93b63edba012155fbf62470709c125e5c36524485045c20e1272edbe1efec5c7a4f5ff73aaa16b7f170b720 SHA512 12b3a534a7a60e96e347452cc74394a1aa31eb48bf0ed059fff036821c7acdd8cddead73165ae9b20384208867e92d2844bae6802b3e2daae07abf98b9449128
-EBUILD libzia-4.64.ebuild 1194 BLAKE2B dc2a684fbe620ca80e26d2b8ce85f7a4f9f67a55dd93c4deae51b39a9e7a19bee310f98b36473988771f08aa922a55d2dd2082956c0443c09fa13496f7577f9d SHA512 31190be0bccb1b5079d131d0c5af2653df3d0f6ee41c6c59f955dd116fc09d5b0ed143acf380f4dfce299e2953bd669a734265d087e45da4d994fa14e76ed17b
+EBUILD libzia-4.64-r1.ebuild 1259 BLAKE2B 6a59570ce37460c1d5c0b7e4e30f0d5bfb574e4237f6dc91f911b4467b0398e60124d51341b1fa89caa0384767d9a2cdb79a548f094733b539a2e21742ff7166 SHA512 0b54d35057b649155e2ef4e55d2dc4d8cf4720dbf11bdd0bf358e66f6dcdd39794f8ba7757d7354188aae455ff4c82beefa5e8124867bfe4e7369c7cc4fa90f1
MISC metadata.xml 326 BLAKE2B 1b8ed6c9d40252f3371cf9a1ec295f593c8898dd8e45173ca05cededf987c7e44e2fafca613f8ad3022e9fbb6886d6aec2d183fd47c3064f35038784f361ebc4 SHA512 0c8a48b1101aa184dc596581feaf47463688801cb0f342177ecfb6fade1d63520ca1b9dcb278279470c181b560f555de332e4d2583e8856eec9057cde34df48f
diff --git a/dev-libs/libzia/files/libzia-4.64-musl-strerror_r.patch b/dev-libs/libzia/files/libzia-4.64-musl-strerror_r.patch
new file mode 100644
index 000000000000..e0fa0a7c46f0
--- /dev/null
+++ b/dev-libs/libzia/files/libzia-4.64-musl-strerror_r.patch
@@ -0,0 +1,14 @@
+# fix detecxtion of return type of strerror_r (bug #942789)
+diff --git a/configure.ac b/configure.ac
+index 0f4efac..2f4526e 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -511,7 +511,7 @@ fi
+
+ OLDCFLAGS=$CFLAGS
+ CFLAGS="$CFLAGS -Werror"
+-AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <string.h> ]], [[ int i = strerror_r(1);]])],[ AC_DEFINE([Z_STRERROR_R_RETURNS_INT], [], [strerror_r returns int not char*])],[])
++AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <string.h> ]], [[ int i = strerror_r(1, NULL, 1);]])],[ AC_DEFINE([STRERROR_R_RETURNS_INT], [], [strerror_r returns int not char*])],[])
+ CFLAGS=$OLDCFLAGS
+
+
diff --git a/dev-libs/libzia/libzia-4.64.ebuild b/dev-libs/libzia/libzia-4.64-r1.ebuild
index 7bc214eded10..52dda13f3f52 100644
--- a/dev-libs/libzia/libzia-4.64.ebuild
+++ b/dev-libs/libzia/libzia-4.64-r1.ebuild
@@ -32,11 +32,13 @@ src_prepare() {
sed -i -e "s/docsdir/#docsdir/g" \
-e "s/docs_/#docs_/g" Makefile.am || die
- # fix build for MUSL (bugs #832235, 935544)
+ # fix build for MUSL (bugs #832235, 935544, 942789)
if use elibc_musl ; then
sed -i -e "s/zstr.h>/zstr.h>\\n#include <libunwind.h>/" src/zbfd.c || die
sed -i -e "s/ backtrace(/ unw_backtrace(/" src/zbfd.c || die
+ eapply "${FILESDIR}/${PN}-4.64-musl-strerror_r.patch"
fi
+
eautoreconf
}
diff --git a/dev-libs/openssl/Manifest b/dev-libs/openssl/Manifest
index 8b2d64f0cf34..eb2fb4bc67de 100644
--- a/dev-libs/openssl/Manifest
+++ b/dev-libs/openssl/Manifest
@@ -23,16 +23,10 @@ DIST openssl-3.0.14.tar.gz 15305497 BLAKE2B 7426aea63d5495775c4a0440658cc9c46c4a
DIST openssl-3.0.14.tar.gz.asc 833 BLAKE2B 8a700452f6f698fbfa206469888fd72706f1798be212e712fd8a4c1ae87f0d98d54820974c64a3db3b5ac69d7beda665f462e83182337391212c0e72e1feb72e SHA512 003d17a2b71176517f5bfba6699c18b271111e5fec3effc275b965286140d1281fa6f5f5e6bcf63feca89dfa035ab776bda8d2af4b71ae921ca9e7a936581fb4
DIST openssl-3.0.15.tar.gz 15318633 BLAKE2B f2900d0894b97e86c709079ca4336d5dc508d69e91d3a4de4420c8d9344cb54dada6ea2cdd408166e53db0c652b06654e670701166b67a0a40578676e1cea535 SHA512 acd80f2f7924d90c1416946a5c61eff461926ad60f4821bb6b08845ea18f8452fd5e88a2c2c5bd0d7590a792cb8341a3f3be042fd0a5b6c9c1b84a497c347bbf
DIST openssl-3.0.15.tar.gz.asc 833 BLAKE2B 43088d6ae9e95aec8cfa08c0d338d76c2299ee89a1719a39c497b25c83a4c0c2d155fa00a62b47e15a7f2889680197741390c850d62a84ec5ce27ed1bbddcd28 SHA512 8b9471074130fd26b511820a1c2586792fd0105421515734c213ae18de27b5b026261e64d4cb8f5e7b568d1f4193484ebe0e99eda9d99df72474310a568ca3bf
-DIST openssl-3.1.6.tar.gz 15672690 BLAKE2B 70112a7ece66bb6faf1a262c503c1df08924b8c1b9b08a1395856f903b1d1b4a38956b485e83415c29fafbf990ae8aced9b2fb0a2af84863b5c0a2a6581282cf SHA512 18ca07ee6a98d5fe46accfa0156e0354ad770d78bbbbe8e4bb92b316a0e4404f17a34eb700f17ed355d826a4b2166894aa46d8dd81fedbcb16aa1aad0926a390
-DIST openssl-3.1.6.tar.gz.asc 833 BLAKE2B 24fbb26ccf60ede99b9ea6ef6a2a8f1ae89c7881c21eafafeae7a498332dbaf7e52c94b2c52247e34511cc4bd204e71a68aa1a6dab133376e1f15bf676ef58be SHA512 ef3ca59527ca7b00430c251df399ea2cbe47ef0deebf4158250baac8e575ea26582756228f12dd0f7009b55199b0134e77ec47ade9835f1785c74703aa84987e
DIST openssl-3.1.7.tar.gz 15684836 BLAKE2B 1332f4b2454b6c9bf3ff2099aa343d6202bec98c6e44fba6377d5bb8efd9bf337df3a95549d874a2908f376056f6f333e6f65cbec7e27377d1ab8cbefddaa241 SHA512 bb4743c1a95148901d2d2bc51460c14cea3387c7dda9323524adbdb11334562f72aa3a873913c51ea1ffce606e675e22a74f78b3119b6a956da3f75c942cd0e2
DIST openssl-3.1.7.tar.gz.asc 833 BLAKE2B 17220aa3274a5eda3df8c04f60f87a48fcf5c773167e746bf3f9feb6cc3c03b024a2e83b1c93122b6baa073b12417e2910230f270287be7b7f2c5300814b7fda SHA512 89b6f4b913aac8b2519aac586ba0c70a3df331eb70ea79c2aa45355bfd9430ba1af3c8ea0d31b171f55036a8cc332207787cabf58da871f400d666a5ae09ce2a
-DIST openssl-3.2.2.tar.gz 17744472 BLAKE2B f42d44f31dc9ccf26ffe1fdd4a0119506a211808f92e860a34118109eae2ee7bcb5b0f43cbdf9eb811cd185cb53e092e62d652f7c0c0ce55b13289f7489073c9 SHA512 ebc945065f62a8a2ea4e2f136a2afaea4d38a03bb07a148f7fb73c34a64475a4069de122ebee11a66e421dbd58756ad7ab2d3f905dc90acee72d62757d8c0a2d
-DIST openssl-3.2.2.tar.gz.asc 833 BLAKE2B 09ef1766e771e1d7aac675a09bd9588ee9d76a1fe39794826fd5d9057ae41366a7e92fe81a40bc2fe19a309be612687d8ff760da3f3c44115e3b21b0342b5f46 SHA512 7a798e9c02d25510f4ec49b8956ebf4288760e1272bf327f36b253045ab2f50ac8042071f78984d1b463f07aa2b027f26ad2fbc31deacaac5658fc35437ddc66
DIST openssl-3.2.3.tar.gz 17762604 BLAKE2B 1445336aa92d0fd9df266ad570fe2bf5701279e462dd3fccd4cf662f328bfee923dc6c72c42c1921fd38bce43e1c60cacdec3f1c2963fe0ffda6a0e8e34ac6e4 SHA512 9e9f06ab630914e32e64bfb945dfa375ea3595b3db4eb8ef68288a58909baf753b34998439907c22ff2b8561cfd3f3f6b7fbf22981479e66a98c2e92fda172a2
DIST openssl-3.2.3.tar.gz.asc 833 BLAKE2B 5a7289ed40534a058b9eb7686ce444b9d453a2973ab7ebda01c99f7245f6ba19197123f8bb3b16940d4bfbc5e313babc0249f280e55911190b47da3a47ed1e6a SHA512 e727adb88f84c48082ef0cae963bf999cce11619f7322014cc7f36c16e8375a60542f518c1b86319208cf8da33044e942b3d65208bc59fd4a5f522ab78ff1c23
-DIST openssl-3.3.1.tar.gz 18055752 BLAKE2B b09bbe94f49c33015fbcee5f578a20c0da33c289791bf33292170d5d3de44ea2e22144ee11067947aef2733e979c0fded875a4ec92d81468285837053447e68e SHA512 d3682a5ae0721748c6b9ec2f1b74d2b1ba61ee6e4c0d42387b5037a56ef34312833b6abb522d19400b45d807dd65cc834156f5e891cb07fbaf69fcf67e1c595d
-DIST openssl-3.3.1.tar.gz.asc 833 BLAKE2B e22c068dfcd0205f1cd27f965b76dcaf59bed61181523f198e40d61a4867b20a7636c853c427497559362a92766f430807f02b693821ac38daaa898946f2dba2 SHA512 ae2db74829b71a68e1fc86229396d76f60a9a98e6bba9adc62bdcf2581b60fb0e29ecde2b53a5686c452e754801568e05d3c4f47e8faf02219ac1aae78283338
DIST openssl-3.3.2.tar.gz 18076531 BLAKE2B cc53d45418673bc2a406d6697b8bd17ff6c726463c4ccc87bb2fa5a6592d0d178dc8cfeb2fbb980ea354a5dc2c86f31c48453427c6937896c7221273e623c9b5 SHA512 5ae47bf1aed2740a33ba5df7dc7345a6738aa6bfa3c9c4de5e51742485e24b25192988d7a2c1b8201ef70056ad8abd0ca78b3d55abe24c0b0373d83b47ed9b74
DIST openssl-3.3.2.tar.gz.asc 833 BLAKE2B c318e2dcef085b83ced77048dc136d9bc8438d49a7985f3c6ebd4ffd0e5e290ece47e8fd1074c6cc056e87b2bae2101dd58b8d70dbc0eb99aa134d776125439c SHA512 981f8438bbd541b97e745aca1bb77cde68900ce4b5ffefc9eccc2f18c675292203f6b4c7bffefde2256a442b7310d8438279b52fb21aac65921e9a529bc00067
EBUILD openssl-1.0.2u-r1.ebuild 9768 BLAKE2B 46d26e3dd92c898c6fe715e5d07b4e2e9c3e3a66d3566798774d1d30ca267c8815beb1a777c75d555060934761c43f7b92d89fca73617262ea33a7cab96d44e6 SHA512 3888a1bc9a604bbbd04dd4bc843ba79dbadc85d8a396dde3d657bc05423478f225896c5274b883c309a9b79da42738342a83bba9f7157cda16e46c6a8b7ba84b
@@ -41,13 +35,8 @@ EBUILD openssl-3.0.13-r2.ebuild 8576 BLAKE2B 088d34e456b6b5f9eb4238a1bb9f2b16b3f
EBUILD openssl-3.0.14.ebuild 8486 BLAKE2B 27b4cae37a13133a70b9cc4c724d93ab7ac03f14e4fe200c7739fac82d37ae55f860aa9a90576a6fac8683e0dbcb7308ea4e1a36b9006506dffeb0240fead10f SHA512 6d9ed1a0dc7d7f9b18000958fef23e22dd9774d5f3275e107693a399bc491d7ce5f0389a9bc375a3c1b52399e3ef982758d414d306fbd123f57034b2aaff853d
EBUILD openssl-3.0.15-r1.ebuild 8619 BLAKE2B ce93ad735b31627ca5306a69cf184bfed669b54cb027ae48a9bf30f34fec13538d2309f852d9a22d9ecbb3069b308150d7b15085d8253e35ee30444121c8a134 SHA512 ad80e3d4d6402c1c23bcd605dc1fa6e057ad0e86f3b28965349d6466e575456fad7b8fef0959542ca18ac0ddbf30b013063d6e0d3ad8a3d79ae918200356f02d
EBUILD openssl-3.0.15.ebuild 8560 BLAKE2B 037351a0c38c0f9718d7d14504b30dfffb7b9c4c68247700bc76016518f038a90cb42ed42dcdcc7158610b1a763409e10ae9eb5d78384561f5a54831873357bf SHA512 ca5140f12ed72840385febe08735079b4100728d7007e38c9bedb8c94bfca21e4a786de1c0db8df4d6204b9227f6ccb7346167b42055583fe0c89c82be7fefcb
-EBUILD openssl-3.1.6.ebuild 8598 BLAKE2B d352f91f702031010fdd2e61eaa978e7225a6107495500176bfe2f144012734114de5f56ac7371c77d79f967e82433613117b640b1910351d5a63f84642105fe SHA512 06817408d50fb5323539bd7fb1a20add62f51221f77ab2ef6e2a1635daecb5bbfd4c9bbe220cb83779cc1b0d8007037be1e10069e48423fa0945b9e1751c188e
EBUILD openssl-3.1.7-r1.ebuild 8653 BLAKE2B 8e5bd338024de4eb8f21ebf954855acea0f4bb35295d636ca0609dd42d21083553cee4a9db4201b6c498addb010191cc769feb618114289c64964d1eaff9e80d SHA512 5a3390c3bdf197f5a6d910d10dbedb1ccca0e03b6783a84bc108c6523744e2d0c989a83fffe7f0d4e3f2b611d480bdd4df12b51cde35aaea286da1aa363bb2ad
-EBUILD openssl-3.1.7.ebuild 8600 BLAKE2B e529f65f0160aad596a7e66eb65b6b420a691492f09b1fcbf1742199094f41961191a0660ddf7323e346d2ea86228d31f0a8a0805f90926a4f59892e5145b4c9 SHA512 7ce1f229410baeddb0a32e919e655283c474af04d963d72c6218c907dbada5aa73c87deec04ddee0253030a89211367bd5e968c68810d07c6b46138d37317ecf
-EBUILD openssl-3.2.2.ebuild 9243 BLAKE2B c496fe0830007cb6783f007942f482598d7679a1e2833204fbce25e4531200942196769e11c5857e8268c4fe9906d881d15751da9aecd273b260557d4a6d3e4f SHA512 609a7320b6c00e83e13b5c9563abd7cbc50d6c00bd7ff5d6588ccde4a016a72f73c911df7f75a9042f7ee52a0458bc494727dd30728ebe2954d1a7fd6cf0c726
EBUILD openssl-3.2.3-r1.ebuild 9297 BLAKE2B 615433d9a0b42433b821768e3227928e4d6bbdd2f96b73189b01df41d4968c989f0f96105fca850ed528e47c9e8ba95559d26d0148109414d109dc2c26081830 SHA512 e49fdce217dd78e3a024ffdbed753b349717ce31c2d21dc006d8d88e6b8600260fd81be3cb5d37a87016925717242aa2391316ab18a685cc2a32ccd2436ee4c4
-EBUILD openssl-3.2.3.ebuild 9244 BLAKE2B ea5d608dc392835f979919ac1835e74520dc57e50f83981eb23877fd8d920583aa9bace217e8b74e33ca7be155ba00af48e5f584944d32d28caf1eb8efde7ef7 SHA512 2cc9092d801aabba5617fb9007e73e094bb31f7c4f18245a44ecc7113020595cbee702e58eb400ddc424ebc6e98f0ebef2e2a68e659463d0be6bf06350fad3d7
-EBUILD openssl-3.3.1-r3.ebuild 9610 BLAKE2B 24735bd23959bc70d278cabdbe51c12c7e436e8b6f1e0294568ed28e3b466879e74bca6f33a9cacfb698edb23d9b4cf47226f513e8233513cd7569c139c5119d SHA512 d320b34b79fdd8cc54c87d0a31c458e5bae4afbdab2519b012f0893554f7731652634eb64e7b8d308a6f24766f0e508a11a660b97adc5bbc6578f04714ac8493
EBUILD openssl-3.3.2-r1.ebuild 9335 BLAKE2B ee18b06cf6fd1acb256d095cef2bb6b3195f3007662790a15474ad048d2adf151d35de306c4bd27511fd4e77920e330a7f4ea494a9b6a6983dfde28bf1d0130a SHA512 e550c59af18703b2dd905c066e61cd14f37b4b32acb87b4f04ec4588cb475290832a947f81902c42ef0c905a4cb7fbf0ca7fb58a428403c85ca082bc86901032
EBUILD openssl-3.3.2.ebuild 9274 BLAKE2B 510de2a09c086e94813d5f623dbb59a6df2fc0e7f11c4c691b5198606b934f59e7ac2ddf6a0171a06435fee820a2d4d4795996a2fec2cad15fc378557f947223 SHA512 be42e686822beab6937cd6350925c4071c85f26682feb55fc88435479fd1706f1d01cbda3618b41c1a7822ea4a83c1593e9ff7ad7db9e2fb52da84058ff355b0
MISC metadata.xml 1674 BLAKE2B 2195a6538e1b4ec953c707460988f153e40abe7495fd761403c9a54b44ecb7cb5c69ac37ac7d4d18bc0086cf9b4accaaac19926fe5b2ac4b2c547ce1c9e08a6d SHA512 d4eda999c1027f9d8102c59275665f5b01d234c4a7636755a6d3c64b9aad2a657d14256b1527d9b7067cb653458b058db7f5bb20873e48927291092d9ccdd1c6
diff --git a/dev-libs/openssl/openssl-3.1.6.ebuild b/dev-libs/openssl/openssl-3.1.6.ebuild
deleted file mode 100644
index e323bbb7dd73..000000000000
--- a/dev-libs/openssl/openssl-3.1.6.ebuild
+++ /dev/null
@@ -1,283 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssl.org.asc
-inherit edo flag-o-matic linux-info toolchain-funcs
-inherit multilib multilib-minimal multiprocessing preserve-libs verify-sig
-
-DESCRIPTION="Robust, full-featured Open Source Toolkit for the Transport Layer Security (TLS)"
-HOMEPAGE="https://openssl-library.org/"
-
-MY_P=${P/_/-}
-
-if [[ ${PV} == 9999 ]] ; then
- EGIT_REPO_URI="https://github.com/openssl/openssl.git"
-
- inherit git-r3
-else
- SRC_URI="
- https://github.com/openssl/openssl/releases/download/${P}/${P}.tar.gz
- verify-sig? (
- https://github.com/openssl/openssl/releases/download/${P}/${P}.tar.gz.asc
- )
- "
- KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
-fi
-
-S="${WORKDIR}"/${MY_P}
-
-LICENSE="Apache-2.0"
-SLOT="0/$(ver_cut 1)" # .so version of libssl/libcrypto
-IUSE="+asm cpu_flags_x86_sse2 fips ktls rfc3779 sctp static-libs test tls-compression vanilla verify-sig weak-ssl-ciphers"
-RESTRICT="!test? ( test )"
-
-COMMON_DEPEND="
- !<net-misc/openssh-9.2_p1-r3
- tls-compression? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
-"
-BDEPEND="
- >=dev-lang/perl-5
- sctp? ( >=net-misc/lksctp-tools-1.0.12 )
- test? (
- sys-apps/diffutils
- app-alternatives/bc
- sys-process/procps
- )
- verify-sig? ( <sec-keys/openpgp-keys-openssl-20240920 )"
-
-DEPEND="${COMMON_DEPEND}"
-RDEPEND="${COMMON_DEPEND}"
-PDEPEND="app-misc/ca-certificates"
-
-MULTILIB_WRAPPED_HEADERS=(
- /usr/include/openssl/configuration.h
-)
-
-pkg_setup() {
- if use ktls ; then
- if kernel_is -lt 4 18 ; then
- ewarn "Kernel implementation of TLS (USE=ktls) requires kernel >=4.18!"
- else
- CONFIG_CHECK="~TLS ~TLS_DEVICE"
- ERROR_TLS="You will be unable to offload TLS to kernel because CONFIG_TLS is not set!"
- ERROR_TLS_DEVICE="You will be unable to offload TLS to kernel because CONFIG_TLS_DEVICE is not set!"
- use test && CONFIG_CHECK+=" ~CRYPTO_USER_API_SKCIPHER"
-
- linux-info_pkg_setup
- fi
- fi
-
- [[ ${MERGE_TYPE} == binary ]] && return
-
- # must check in pkg_setup; sysctl doesn't work with userpriv!
- if use test && use sctp ; then
- # test_ssl_new will fail with "Ensure SCTP AUTH chunks are enabled in kernel"
- # if sctp.auth_enable is not enabled.
- local sctp_auth_status=$(sysctl -n net.sctp.auth_enable 2>/dev/null)
- if [[ -z "${sctp_auth_status}" ]] || [[ ${sctp_auth_status} != 1 ]] ; then
- die "FEATURES=test with USE=sctp requires net.sctp.auth_enable=1!"
- fi
- fi
-}
-
-src_prepare() {
- # Make sure we only ever touch Makefile.org and avoid patching a file
- # that gets blown away anyways by the Configure script in src_configure
- rm -f Makefile
-
- if ! use vanilla ; then
- PATCHES+=(
- # Add patches which are Gentoo-specific customisations here
- )
- fi
-
- default
-
- if use test && use sctp && has network-sandbox ${FEATURES} ; then
- einfo "Disabling test '80-test_ssl_new.t' which is known to fail with FEATURES=network-sandbox ..."
- rm test/recipes/80-test_ssl_new.t || die
- fi
-
- # Test fails depending on kernel configuration, bug #699134
- rm test/recipes/30-test_afalg.t || die
-}
-
-src_configure() {
- # Keep this in sync with app-misc/c_rehash
- SSL_CNF_DIR="/etc/ssl"
-
- # Quiet out unknown driver argument warnings since openssl
- # doesn't have well-split CFLAGS and we're making it even worse
- # and 'make depend' uses -Werror for added fun (bug #417795 again)
- tc-is-clang && append-flags -Qunused-arguments
-
- # We really, really need to build OpenSSL w/ strict aliasing disabled.
- # It's filled with violations and it *will* result in miscompiled
- # code. This has been in the ebuild for > 10 years but even in 2022,
- # it's still relevant:
- # - https://github.com/llvm/llvm-project/issues/55255
- # - https://github.com/openssl/openssl/issues/12247
- # - https://github.com/openssl/openssl/issues/18225
- # - https://github.com/openssl/openssl/issues/18663#issuecomment-1181478057
- # Don't remove the no strict aliasing bits below!
- filter-flags -fstrict-aliasing
- append-flags -fno-strict-aliasing
- # The OpenSSL developers don't test with LTO right now, it leads to various
- # warnings/errors (which may or may not be false positives), it's considered
- # unsupported, and it's not tested in CI: https://github.com/openssl/openssl/issues/18663.
- filter-lto
-
- append-flags $(test-flags-CC -Wa,--noexecstack)
-
- # bug #895308
- append-atomic-flags
- # Configure doesn't respect LIBS
- export LDLIBS="${LIBS}"
-
- # bug #197996
- unset APPS
- # bug #312551
- unset SCRIPTS
- # bug #311473
- unset CROSS_COMPILE
-
- tc-export AR CC CXX RANLIB RC
-
- multilib-minimal_src_configure
-}
-
-multilib_src_configure() {
- use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
-
- local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
-
- # See if our toolchain supports __uint128_t. If so, it's 64bit
- # friendly and can use the nicely optimized code paths, bug #460790.
- #local ec_nistp_64_gcc_128
- #
- # Disable it for now though (bug #469976)
- # Do NOT re-enable without substantial discussion first!
- #
- #echo "__uint128_t i;" > "${T}"/128.c
- #if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
- # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
- #fi
-
- local sslout=$(bash "${FILESDIR}/gentoo.config-1.0.4")
- einfo "Using configuration: ${sslout:-(openssl knows best)}"
-
- # https://github.com/openssl/openssl/blob/master/INSTALL.md#enable-and-disable-features
- local myeconfargs=(
- ${sslout}
-
- $(use cpu_flags_x86_sse2 || echo "no-sse2")
- enable-camellia
- enable-ec
- enable-ec2m
- enable-sm2
- enable-srp
- $(use elibc_musl && echo "no-async")
- enable-idea
- enable-mdc2
- enable-rc5
- $(use fips && echo "enable-fips")
- $(use_ssl asm)
- $(use_ssl ktls)
- $(use_ssl rfc3779)
- $(use_ssl sctp)
- $(use test || echo "no-tests")
- $(use_ssl tls-compression zlib)
- $(use_ssl weak-ssl-ciphers)
-
- --prefix="${EPREFIX}"/usr
- --openssldir="${EPREFIX}"${SSL_CNF_DIR}
- --libdir=$(get_libdir)
-
- shared
- threads
- )
-
- edo perl "${S}/Configure" "${myeconfargs[@]}"
-}
-
-multilib_src_compile() {
- emake build_sw
-
- if multilib_is_native_abi; then
- emake build_docs
- fi
-}
-
-multilib_src_test() {
- # VFP = show subtests verbosely and show failed tests verbosely
- # Normal V=1 would show everything verbosely but this slows things down.
- emake HARNESS_JOBS="$(makeopts_jobs)" -Onone VFP=1 test
-}
-
-multilib_src_install() {
- # Only -j1 is supported for the install targets:
- # https://github.com/openssl/openssl/issues/21999#issuecomment-1771150305
- emake DESTDIR="${D}" -j1 install_sw
- if use fips; then
- emake DESTDIR="${D}" -j1 install_fips
- # Regen this in pkg_preinst, bug 900625
- rm "${ED}${SSL_CNF_DIR}"/fipsmodule.cnf || die
- fi
-
- if multilib_is_native_abi; then
- emake DESTDIR="${D}" -j1 install_ssldirs
- emake DESTDIR="${D}" DOCDIR='$(INSTALLTOP)'/share/doc/${PF} -j1 install_docs
- fi
-
- # This is crappy in that the static archives are still built even
- # when USE=static-libs. But this is due to a failing in the openssl
- # build system: the static archives are built as PIC all the time.
- # Only way around this would be to manually configure+compile openssl
- # twice; once with shared lib support enabled and once without.
- if ! use static-libs ; then
- rm "${ED}"/usr/$(get_libdir)/lib{crypto,ssl}.a || die
- fi
-}
-
-multilib_src_install_all() {
- # openssl installs perl version of c_rehash by default, but
- # we provide a shell version via app-misc/c_rehash
- rm "${ED}"/usr/bin/c_rehash || die
-
- dodoc {AUTHORS,CHANGES,NEWS,README,README-PROVIDERS}.md doc/*.txt doc/${PN}-c-indent.el
-
- # Create the certs directory
- keepdir ${SSL_CNF_DIR}/certs
-
- # bug #254521
- dodir /etc/sandbox.d
- echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
-
- diropts -m0700
- keepdir ${SSL_CNF_DIR}/private
-}
-
-pkg_preinst() {
- if use fips; then
- # Regen fipsmodule.cnf, bug 900625
- ebegin "Running openssl fipsinstall"
- "${ED}/usr/bin/openssl" fipsinstall -quiet \
- -out "${ED}${SSL_CNF_DIR}/fipsmodule.cnf" \
- -module "${ED}/usr/$(get_libdir)/ossl-modules/fips.so"
- eend $?
- fi
-
- preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
- /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1)
-}
-
-pkg_postinst() {
- ebegin "Running 'openssl rehash ${EROOT}${SSL_CNF_DIR}/certs' to rebuild hashes (bug #333069)"
- openssl rehash "${EROOT}${SSL_CNF_DIR}/certs"
- eend $?
-
- preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
- /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1)
-}
diff --git a/dev-libs/openssl/openssl-3.1.7.ebuild b/dev-libs/openssl/openssl-3.1.7.ebuild
deleted file mode 100644
index 3145f12953ae..000000000000
--- a/dev-libs/openssl/openssl-3.1.7.ebuild
+++ /dev/null
@@ -1,284 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssl.org.asc
-inherit edo flag-o-matic linux-info toolchain-funcs
-inherit multilib multilib-minimal multiprocessing preserve-libs verify-sig
-
-DESCRIPTION="Robust, full-featured Open Source Toolkit for the Transport Layer Security (TLS)"
-HOMEPAGE="https://openssl-library.org/"
-
-MY_P=${P/_/-}
-
-if [[ ${PV} == 9999 ]] ; then
- EGIT_REPO_URI="https://github.com/openssl/openssl.git"
-
- inherit git-r3
-else
- SRC_URI="
- https://github.com/openssl/openssl/releases/download/${P}/${P}.tar.gz
- verify-sig? (
- https://github.com/openssl/openssl/releases/download/${P}/${P}.tar.gz.asc
- )
- "
- KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
-fi
-
-S="${WORKDIR}"/${MY_P}
-
-LICENSE="Apache-2.0"
-SLOT="0/$(ver_cut 1)" # .so version of libssl/libcrypto
-IUSE="+asm cpu_flags_x86_sse2 fips ktls rfc3779 sctp static-libs test tls-compression vanilla verify-sig weak-ssl-ciphers"
-RESTRICT="!test? ( test )"
-
-COMMON_DEPEND="
- !<net-misc/openssh-9.2_p1-r3
- tls-compression? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
-"
-BDEPEND="
- >=dev-lang/perl-5
- sctp? ( >=net-misc/lksctp-tools-1.0.12 )
- test? (
- sys-apps/diffutils
- app-alternatives/bc
- sys-process/procps
- )
- verify-sig? ( >=sec-keys/openpgp-keys-openssl-20240920 )
-"
-
-DEPEND="${COMMON_DEPEND}"
-RDEPEND="${COMMON_DEPEND}"
-PDEPEND="app-misc/ca-certificates"
-
-MULTILIB_WRAPPED_HEADERS=(
- /usr/include/openssl/configuration.h
-)
-
-pkg_setup() {
- if use ktls ; then
- if kernel_is -lt 4 18 ; then
- ewarn "Kernel implementation of TLS (USE=ktls) requires kernel >=4.18!"
- else
- CONFIG_CHECK="~TLS ~TLS_DEVICE"
- ERROR_TLS="You will be unable to offload TLS to kernel because CONFIG_TLS is not set!"
- ERROR_TLS_DEVICE="You will be unable to offload TLS to kernel because CONFIG_TLS_DEVICE is not set!"
- use test && CONFIG_CHECK+=" ~CRYPTO_USER_API_SKCIPHER"
-
- linux-info_pkg_setup
- fi
- fi
-
- [[ ${MERGE_TYPE} == binary ]] && return
-
- # must check in pkg_setup; sysctl doesn't work with userpriv!
- if use test && use sctp ; then
- # test_ssl_new will fail with "Ensure SCTP AUTH chunks are enabled in kernel"
- # if sctp.auth_enable is not enabled.
- local sctp_auth_status=$(sysctl -n net.sctp.auth_enable 2>/dev/null)
- if [[ -z "${sctp_auth_status}" ]] || [[ ${sctp_auth_status} != 1 ]] ; then
- die "FEATURES=test with USE=sctp requires net.sctp.auth_enable=1!"
- fi
- fi
-}
-
-src_prepare() {
- # Make sure we only ever touch Makefile.org and avoid patching a file
- # that gets blown away anyways by the Configure script in src_configure
- rm -f Makefile
-
- if ! use vanilla ; then
- PATCHES+=(
- # Add patches which are Gentoo-specific customisations here
- )
- fi
-
- default
-
- if use test && use sctp && has network-sandbox ${FEATURES} ; then
- einfo "Disabling test '80-test_ssl_new.t' which is known to fail with FEATURES=network-sandbox ..."
- rm test/recipes/80-test_ssl_new.t || die
- fi
-
- # Test fails depending on kernel configuration, bug #699134
- rm test/recipes/30-test_afalg.t || die
-}
-
-src_configure() {
- # Keep this in sync with app-misc/c_rehash
- SSL_CNF_DIR="/etc/ssl"
-
- # Quiet out unknown driver argument warnings since openssl
- # doesn't have well-split CFLAGS and we're making it even worse
- # and 'make depend' uses -Werror for added fun (bug #417795 again)
- tc-is-clang && append-flags -Qunused-arguments
-
- # We really, really need to build OpenSSL w/ strict aliasing disabled.
- # It's filled with violations and it *will* result in miscompiled
- # code. This has been in the ebuild for > 10 years but even in 2022,
- # it's still relevant:
- # - https://github.com/llvm/llvm-project/issues/55255
- # - https://github.com/openssl/openssl/issues/12247
- # - https://github.com/openssl/openssl/issues/18225
- # - https://github.com/openssl/openssl/issues/18663#issuecomment-1181478057
- # Don't remove the no strict aliasing bits below!
- filter-flags -fstrict-aliasing
- append-flags -fno-strict-aliasing
- # The OpenSSL developers don't test with LTO right now, it leads to various
- # warnings/errors (which may or may not be false positives), it's considered
- # unsupported, and it's not tested in CI: https://github.com/openssl/openssl/issues/18663.
- filter-lto
-
- append-flags $(test-flags-CC -Wa,--noexecstack)
-
- # bug #895308
- append-atomic-flags
- # Configure doesn't respect LIBS
- export LDLIBS="${LIBS}"
-
- # bug #197996
- unset APPS
- # bug #312551
- unset SCRIPTS
- # bug #311473
- unset CROSS_COMPILE
-
- tc-export AR CC CXX RANLIB RC
-
- multilib-minimal_src_configure
-}
-
-multilib_src_configure() {
- use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
-
- local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
-
- # See if our toolchain supports __uint128_t. If so, it's 64bit
- # friendly and can use the nicely optimized code paths, bug #460790.
- #local ec_nistp_64_gcc_128
- #
- # Disable it for now though (bug #469976)
- # Do NOT re-enable without substantial discussion first!
- #
- #echo "__uint128_t i;" > "${T}"/128.c
- #if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
- # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
- #fi
-
- local sslout=$(bash "${FILESDIR}/gentoo.config-1.0.4")
- einfo "Using configuration: ${sslout:-(openssl knows best)}"
-
- # https://github.com/openssl/openssl/blob/master/INSTALL.md#enable-and-disable-features
- local myeconfargs=(
- ${sslout}
-
- $(use cpu_flags_x86_sse2 || echo "no-sse2")
- enable-camellia
- enable-ec
- enable-ec2m
- enable-sm2
- enable-srp
- $(use elibc_musl && echo "no-async")
- enable-idea
- enable-mdc2
- enable-rc5
- $(use fips && echo "enable-fips")
- $(use_ssl asm)
- $(use_ssl ktls)
- $(use_ssl rfc3779)
- $(use_ssl sctp)
- $(use test || echo "no-tests")
- $(use_ssl tls-compression zlib)
- $(use_ssl weak-ssl-ciphers)
-
- --prefix="${EPREFIX}"/usr
- --openssldir="${EPREFIX}"${SSL_CNF_DIR}
- --libdir=$(get_libdir)
-
- shared
- threads
- )
-
- edo perl "${S}/Configure" "${myeconfargs[@]}"
-}
-
-multilib_src_compile() {
- emake build_sw
-
- if multilib_is_native_abi; then
- emake build_docs
- fi
-}
-
-multilib_src_test() {
- # VFP = show subtests verbosely and show failed tests verbosely
- # Normal V=1 would show everything verbosely but this slows things down.
- emake HARNESS_JOBS="$(makeopts_jobs)" -Onone VFP=1 test
-}
-
-multilib_src_install() {
- # Only -j1 is supported for the install targets:
- # https://github.com/openssl/openssl/issues/21999#issuecomment-1771150305
- emake DESTDIR="${D}" -j1 install_sw
- if use fips; then
- emake DESTDIR="${D}" -j1 install_fips
- # Regen this in pkg_preinst, bug 900625
- rm "${ED}${SSL_CNF_DIR}"/fipsmodule.cnf || die
- fi
-
- if multilib_is_native_abi; then
- emake DESTDIR="${D}" -j1 install_ssldirs
- emake DESTDIR="${D}" DOCDIR='$(INSTALLTOP)'/share/doc/${PF} -j1 install_docs
- fi
-
- # This is crappy in that the static archives are still built even
- # when USE=static-libs. But this is due to a failing in the openssl
- # build system: the static archives are built as PIC all the time.
- # Only way around this would be to manually configure+compile openssl
- # twice; once with shared lib support enabled and once without.
- if ! use static-libs ; then
- rm "${ED}"/usr/$(get_libdir)/lib{crypto,ssl}.a || die
- fi
-}
-
-multilib_src_install_all() {
- # openssl installs perl version of c_rehash by default, but
- # we provide a shell version via app-misc/c_rehash
- rm "${ED}"/usr/bin/c_rehash || die
-
- dodoc {AUTHORS,CHANGES,NEWS,README,README-PROVIDERS}.md doc/*.txt doc/${PN}-c-indent.el
-
- # Create the certs directory
- keepdir ${SSL_CNF_DIR}/certs
-
- # bug #254521
- dodir /etc/sandbox.d
- echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
-
- diropts -m0700
- keepdir ${SSL_CNF_DIR}/private
-}
-
-pkg_preinst() {
- if use fips; then
- # Regen fipsmodule.cnf, bug 900625
- ebegin "Running openssl fipsinstall"
- "${ED}/usr/bin/openssl" fipsinstall -quiet \
- -out "${ED}${SSL_CNF_DIR}/fipsmodule.cnf" \
- -module "${ED}/usr/$(get_libdir)/ossl-modules/fips.so"
- eend $?
- fi
-
- preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
- /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1)
-}
-
-pkg_postinst() {
- ebegin "Running 'openssl rehash ${EROOT}${SSL_CNF_DIR}/certs' to rebuild hashes (bug #333069)"
- openssl rehash "${EROOT}${SSL_CNF_DIR}/certs"
- eend $?
-
- preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
- /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1)
-}
diff --git a/dev-libs/openssl/openssl-3.2.2.ebuild b/dev-libs/openssl/openssl-3.2.2.ebuild
deleted file mode 100644
index 7f5f395ed547..000000000000
--- a/dev-libs/openssl/openssl-3.2.2.ebuild
+++ /dev/null
@@ -1,302 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssl.org.asc
-inherit edo flag-o-matic linux-info toolchain-funcs
-inherit multilib multilib-minimal multiprocessing preserve-libs verify-sig
-
-DESCRIPTION="Robust, full-featured Open Source Toolkit for the Transport Layer Security (TLS)"
-HOMEPAGE="https://openssl-library.org/"
-
-MY_P=${P/_/-}
-
-if [[ ${PV} == 9999 ]] ; then
- EGIT_REPO_URI="https://github.com/openssl/openssl.git"
-
- inherit git-r3
-else
- SRC_URI="
- https://github.com/openssl/openssl/releases/download/${P}/${P}.tar.gz
- verify-sig? (
- https://github.com/openssl/openssl/releases/download/${P}/${P}.tar.gz.asc
- )
- "
-
- if [[ ${PV} != *_alpha* && ${PV} != *_beta* ]] ; then
- KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
- fi
-fi
-
-S="${WORKDIR}"/${MY_P}
-
-LICENSE="Apache-2.0"
-SLOT="0/$(ver_cut 1)" # .so version of libssl/libcrypto
-IUSE="+asm cpu_flags_x86_sse2 fips ktls rfc3779 sctp static-libs test tls-compression vanilla verify-sig weak-ssl-ciphers"
-RESTRICT="!test? ( test )"
-
-COMMON_DEPEND="
- !<net-misc/openssh-9.2_p1-r3
- tls-compression? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
-"
-BDEPEND="
- >=dev-lang/perl-5
- sctp? ( >=net-misc/lksctp-tools-1.0.12 )
- test? (
- sys-apps/diffutils
- app-alternatives/bc
- sys-process/procps
- )
- verify-sig? ( <sec-keys/openpgp-keys-openssl-20240920 )"
-
-DEPEND="${COMMON_DEPEND}"
-RDEPEND="${COMMON_DEPEND}"
-PDEPEND="app-misc/ca-certificates"
-
-MULTILIB_WRAPPED_HEADERS=(
- /usr/include/openssl/configuration.h
-)
-
-pkg_setup() {
- if use ktls ; then
- if kernel_is -lt 4 18 ; then
- ewarn "Kernel implementation of TLS (USE=ktls) requires kernel >=4.18!"
- else
- CONFIG_CHECK="~TLS ~TLS_DEVICE"
- ERROR_TLS="You will be unable to offload TLS to kernel because CONFIG_TLS is not set!"
- ERROR_TLS_DEVICE="You will be unable to offload TLS to kernel because CONFIG_TLS_DEVICE is not set!"
- use test && CONFIG_CHECK+=" ~CRYPTO_USER_API_SKCIPHER"
-
- linux-info_pkg_setup
- fi
- fi
-
- [[ ${MERGE_TYPE} == binary ]] && return
-
- # must check in pkg_setup; sysctl doesn't work with userpriv!
- if use test && use sctp ; then
- # test_ssl_new will fail with "Ensure SCTP AUTH chunks are enabled in kernel"
- # if sctp.auth_enable is not enabled.
- local sctp_auth_status=$(sysctl -n net.sctp.auth_enable 2>/dev/null)
- if [[ -z "${sctp_auth_status}" ]] || [[ ${sctp_auth_status} != 1 ]] ; then
- die "FEATURES=test with USE=sctp requires net.sctp.auth_enable=1!"
- fi
- fi
-}
-
-src_unpack() {
- # Can delete this once test fix patch is dropped
- if use verify-sig ; then
- # Needed for downloaded patch (which is unsigned, which is fine)
- verify-sig_verify_detached "${DISTDIR}"/${MY_P}.tar.gz{,.asc}
- fi
-
- default
-}
-
-src_prepare() {
- # Make sure we only ever touch Makefile.org and avoid patching a file
- # that gets blown away anyways by the Configure script in src_configure
- rm -f Makefile
-
- if ! use vanilla ; then
- PATCHES+=(
- # Add patches which are Gentoo-specific customisations here
- )
- fi
-
- default
-
- if use test && use sctp && has network-sandbox ${FEATURES} ; then
- einfo "Disabling test '80-test_ssl_new.t' which is known to fail with FEATURES=network-sandbox ..."
- rm test/recipes/80-test_ssl_new.t || die
- fi
-
- # Test fails depending on kernel configuration, bug #699134
- rm test/recipes/30-test_afalg.t || die
-}
-
-src_configure() {
- # Keep this in sync with app-misc/c_rehash
- SSL_CNF_DIR="/etc/ssl"
-
- # Quiet out unknown driver argument warnings since openssl
- # doesn't have well-split CFLAGS and we're making it even worse
- # and 'make depend' uses -Werror for added fun (bug #417795 again)
- tc-is-clang && append-flags -Qunused-arguments
-
- # We really, really need to build OpenSSL w/ strict aliasing disabled.
- # It's filled with violations and it *will* result in miscompiled
- # code. This has been in the ebuild for > 10 years but even in 2022,
- # it's still relevant:
- # - https://github.com/llvm/llvm-project/issues/55255
- # - https://github.com/openssl/openssl/issues/12247
- # - https://github.com/openssl/openssl/issues/18225
- # - https://github.com/openssl/openssl/issues/18663#issuecomment-1181478057
- # Don't remove the no strict aliasing bits below!
- filter-flags -fstrict-aliasing
- append-flags -fno-strict-aliasing
- # The OpenSSL developers don't test with LTO right now, it leads to various
- # warnings/errors (which may or may not be false positives), it's considered
- # unsupported, and it's not tested in CI: https://github.com/openssl/openssl/issues/18663.
- filter-lto
-
- append-flags $(test-flags-CC -Wa,--noexecstack)
-
- # bug #895308 -- check inserts GNU ld-compatible arguments
- [[ ${CHOST} == *-darwin* ]] || append-atomic-flags
- # Configure doesn't respect LIBS
- export LDLIBS="${LIBS}"
-
- # bug #197996
- unset APPS
- # bug #312551
- unset SCRIPTS
- # bug #311473
- unset CROSS_COMPILE
-
- tc-export AR CC CXX RANLIB RC
-
- multilib-minimal_src_configure
-}
-
-multilib_src_configure() {
- use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
-
- local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
-
- # See if our toolchain supports __uint128_t. If so, it's 64bit
- # friendly and can use the nicely optimized code paths, bug #460790.
- #local ec_nistp_64_gcc_128
- #
- # Disable it for now though (bug #469976)
- # Do NOT re-enable without substantial discussion first!
- #
- #echo "__uint128_t i;" > "${T}"/128.c
- #if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
- # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
- #fi
-
- local sslout=$(bash "${FILESDIR}/gentoo.config-1.0.4")
- einfo "Using configuration: ${sslout:-(openssl knows best)}"
-
- # https://github.com/openssl/openssl/blob/master/INSTALL.md#enable-and-disable-features
- local myeconfargs=(
- ${sslout}
-
- $(use cpu_flags_x86_sse2 || echo "no-sse2")
- enable-camellia
- enable-ec
- enable-ec2m
- enable-sm2
- enable-srp
- $(use elibc_musl && echo "no-async")
- enable-idea
- enable-mdc2
- enable-rc5
- $(use fips && echo "enable-fips")
- $(use_ssl asm)
- $(use_ssl ktls)
- $(use_ssl rfc3779)
- $(use_ssl sctp)
- $(use test || echo "no-tests")
- $(use_ssl tls-compression zlib)
- $(use_ssl weak-ssl-ciphers)
-
- --prefix="${EPREFIX}"/usr
- --openssldir="${EPREFIX}"${SSL_CNF_DIR}
- --libdir=$(get_libdir)
-
- shared
- threads
- )
-
- edo perl "${S}/Configure" "${myeconfargs[@]}"
-}
-
-multilib_src_compile() {
- emake build_sw
-
- if multilib_is_native_abi; then
- emake build_docs
- fi
-}
-
-multilib_src_test() {
- # See https://github.com/openssl/openssl/blob/master/test/README.md for options.
- #
- # VFP = show subtests verbosely and show failed tests verbosely
- # Normal V=1 would show everything verbosely but this slows things down.
- #
- # -j1 here for https://github.com/openssl/openssl/issues/21999, but it
- # shouldn't matter as tests were already built earlier, and HARNESS_JOBS
- # controls running the tests.
- emake -Onone -j1 HARNESS_JOBS="$(makeopts_jobs)" VFP=1 test
-}
-
-multilib_src_install() {
- # Only -j1 is supported for the install targets:
- # https://github.com/openssl/openssl/issues/21999#issuecomment-1771150305
- emake DESTDIR="${D}" -j1 install_sw
- if use fips; then
- emake DESTDIR="${D}" -j1 install_fips
- # Regen this in pkg_preinst, bug 900625
- rm "${ED}${SSL_CNF_DIR}"/fipsmodule.cnf || die
- fi
-
- if multilib_is_native_abi; then
- emake DESTDIR="${D}" -j1 install_ssldirs
- emake DESTDIR="${D}" DOCDIR='$(INSTALLTOP)'/share/doc/${PF} -j1 install_docs
- fi
-
- # This is crappy in that the static archives are still built even
- # when USE=static-libs. But this is due to a failing in the openssl
- # build system: the static archives are built as PIC all the time.
- # Only way around this would be to manually configure+compile openssl
- # twice; once with shared lib support enabled and once without.
- if ! use static-libs ; then
- rm "${ED}"/usr/$(get_libdir)/lib{crypto,ssl}.a || die
- fi
-}
-
-multilib_src_install_all() {
- # openssl installs perl version of c_rehash by default, but
- # we provide a shell version via app-misc/c_rehash
- rm "${ED}"/usr/bin/c_rehash || die
-
- dodoc {AUTHORS,CHANGES,NEWS,README,README-PROVIDERS}.md doc/*.txt doc/${PN}-c-indent.el
-
- # Create the certs directory
- keepdir ${SSL_CNF_DIR}/certs
-
- # bug #254521
- dodir /etc/sandbox.d
- echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
-
- diropts -m0700
- keepdir ${SSL_CNF_DIR}/private
-}
-
-pkg_preinst() {
- if use fips; then
- # Regen fipsmodule.cnf, bug 900625
- ebegin "Running openssl fipsinstall"
- "${ED}/usr/bin/openssl" fipsinstall -quiet \
- -out "${ED}${SSL_CNF_DIR}/fipsmodule.cnf" \
- -module "${ED}/usr/$(get_libdir)/ossl-modules/fips.so"
- eend $?
- fi
-
- preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
- /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1)
-}
-
-pkg_postinst() {
- ebegin "Running 'openssl rehash ${EROOT}${SSL_CNF_DIR}/certs' to rebuild hashes (bug #333069)"
- openssl rehash "${EROOT}${SSL_CNF_DIR}/certs"
- eend $?
-
- preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
- /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1)
-}
diff --git a/dev-libs/openssl/openssl-3.2.3.ebuild b/dev-libs/openssl/openssl-3.2.3.ebuild
deleted file mode 100644
index 39d5d62b0df1..000000000000
--- a/dev-libs/openssl/openssl-3.2.3.ebuild
+++ /dev/null
@@ -1,302 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssl.org.asc
-inherit edo flag-o-matic linux-info toolchain-funcs
-inherit multilib multilib-minimal multiprocessing preserve-libs verify-sig
-
-DESCRIPTION="Robust, full-featured Open Source Toolkit for the Transport Layer Security (TLS)"
-HOMEPAGE="https://openssl-library.org/"
-
-MY_P=${P/_/-}
-
-if [[ ${PV} == 9999 ]] ; then
- EGIT_REPO_URI="https://github.com/openssl/openssl.git"
-
- inherit git-r3
-else
- SRC_URI="
- https://github.com/openssl/openssl/releases/download/${P}/${P}.tar.gz
- verify-sig? (
- https://github.com/openssl/openssl/releases/download/${P}/${P}.tar.gz.asc
- )
- "
-
- if [[ ${PV} != *_alpha* && ${PV} != *_beta* ]] ; then
- KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
- fi
-fi
-
-S="${WORKDIR}"/${MY_P}
-
-LICENSE="Apache-2.0"
-SLOT="0/$(ver_cut 1)" # .so version of libssl/libcrypto
-IUSE="+asm cpu_flags_x86_sse2 fips ktls rfc3779 sctp static-libs test tls-compression vanilla verify-sig weak-ssl-ciphers"
-RESTRICT="!test? ( test )"
-
-COMMON_DEPEND="
- !<net-misc/openssh-9.2_p1-r3
- tls-compression? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
-"
-BDEPEND="
- >=dev-lang/perl-5
- sctp? ( >=net-misc/lksctp-tools-1.0.12 )
- test? (
- sys-apps/diffutils
- app-alternatives/bc
- sys-process/procps
- )
- verify-sig? ( >=sec-keys/openpgp-keys-openssl-20240920 )
-"
-DEPEND="${COMMON_DEPEND}"
-RDEPEND="${COMMON_DEPEND}"
-PDEPEND="app-misc/ca-certificates"
-
-MULTILIB_WRAPPED_HEADERS=(
- /usr/include/openssl/configuration.h
-)
-
-pkg_setup() {
- if use ktls ; then
- if kernel_is -lt 4 18 ; then
- ewarn "Kernel implementation of TLS (USE=ktls) requires kernel >=4.18!"
- else
- CONFIG_CHECK="~TLS ~TLS_DEVICE"
- ERROR_TLS="You will be unable to offload TLS to kernel because CONFIG_TLS is not set!"
- ERROR_TLS_DEVICE="You will be unable to offload TLS to kernel because CONFIG_TLS_DEVICE is not set!"
- use test && CONFIG_CHECK+=" ~CRYPTO_USER_API_SKCIPHER"
-
- linux-info_pkg_setup
- fi
- fi
-
- [[ ${MERGE_TYPE} == binary ]] && return
-
- # must check in pkg_setup; sysctl doesn't work with userpriv!
- if use test && use sctp ; then
- # test_ssl_new will fail with "Ensure SCTP AUTH chunks are enabled in kernel"
- # if sctp.auth_enable is not enabled.
- local sctp_auth_status=$(sysctl -n net.sctp.auth_enable 2>/dev/null)
- if [[ -z "${sctp_auth_status}" ]] || [[ ${sctp_auth_status} != 1 ]] ; then
- die "FEATURES=test with USE=sctp requires net.sctp.auth_enable=1!"
- fi
- fi
-}
-
-src_unpack() {
- # Can delete this once test fix patch is dropped
- if use verify-sig ; then
- # Needed for downloaded patch (which is unsigned, which is fine)
- verify-sig_verify_detached "${DISTDIR}"/${MY_P}.tar.gz{,.asc}
- fi
-
- default
-}
-
-src_prepare() {
- # Make sure we only ever touch Makefile.org and avoid patching a file
- # that gets blown away anyways by the Configure script in src_configure
- rm -f Makefile
-
- if ! use vanilla ; then
- PATCHES+=(
- # Add patches which are Gentoo-specific customisations here
- )
- fi
-
- default
-
- if use test && use sctp && has network-sandbox ${FEATURES} ; then
- einfo "Disabling test '80-test_ssl_new.t' which is known to fail with FEATURES=network-sandbox ..."
- rm test/recipes/80-test_ssl_new.t || die
- fi
-
- # Test fails depending on kernel configuration, bug #699134
- rm test/recipes/30-test_afalg.t || die
-}
-
-src_configure() {
- # Keep this in sync with app-misc/c_rehash
- SSL_CNF_DIR="/etc/ssl"
-
- # Quiet out unknown driver argument warnings since openssl
- # doesn't have well-split CFLAGS and we're making it even worse
- # and 'make depend' uses -Werror for added fun (bug #417795 again)
- tc-is-clang && append-flags -Qunused-arguments
-
- # We really, really need to build OpenSSL w/ strict aliasing disabled.
- # It's filled with violations and it *will* result in miscompiled
- # code. This has been in the ebuild for > 10 years but even in 2022,
- # it's still relevant:
- # - https://github.com/llvm/llvm-project/issues/55255
- # - https://github.com/openssl/openssl/issues/12247
- # - https://github.com/openssl/openssl/issues/18225
- # - https://github.com/openssl/openssl/issues/18663#issuecomment-1181478057
- # Don't remove the no strict aliasing bits below!
- filter-flags -fstrict-aliasing
- append-flags -fno-strict-aliasing
- # The OpenSSL developers don't test with LTO right now, it leads to various
- # warnings/errors (which may or may not be false positives), it's considered
- # unsupported, and it's not tested in CI: https://github.com/openssl/openssl/issues/18663.
- filter-lto
-
- append-flags $(test-flags-CC -Wa,--noexecstack)
-
- # bug #895308 -- check inserts GNU ld-compatible arguments
- [[ ${CHOST} == *-darwin* ]] || append-atomic-flags
- # Configure doesn't respect LIBS
- export LDLIBS="${LIBS}"
-
- # bug #197996
- unset APPS
- # bug #312551
- unset SCRIPTS
- # bug #311473
- unset CROSS_COMPILE
-
- tc-export AR CC CXX RANLIB RC
-
- multilib-minimal_src_configure
-}
-
-multilib_src_configure() {
- use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
-
- local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
-
- # See if our toolchain supports __uint128_t. If so, it's 64bit
- # friendly and can use the nicely optimized code paths, bug #460790.
- #local ec_nistp_64_gcc_128
- #
- # Disable it for now though (bug #469976)
- # Do NOT re-enable without substantial discussion first!
- #
- #echo "__uint128_t i;" > "${T}"/128.c
- #if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
- # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
- #fi
-
- local sslout=$(bash "${FILESDIR}/gentoo.config-1.0.4")
- einfo "Using configuration: ${sslout:-(openssl knows best)}"
-
- # https://github.com/openssl/openssl/blob/master/INSTALL.md#enable-and-disable-features
- local myeconfargs=(
- ${sslout}
-
- $(use cpu_flags_x86_sse2 || echo "no-sse2")
- enable-camellia
- enable-ec
- enable-ec2m
- enable-sm2
- enable-srp
- $(use elibc_musl && echo "no-async")
- enable-idea
- enable-mdc2
- enable-rc5
- $(use fips && echo "enable-fips")
- $(use_ssl asm)
- $(use_ssl ktls)
- $(use_ssl rfc3779)
- $(use_ssl sctp)
- $(use test || echo "no-tests")
- $(use_ssl tls-compression zlib)
- $(use_ssl weak-ssl-ciphers)
-
- --prefix="${EPREFIX}"/usr
- --openssldir="${EPREFIX}"${SSL_CNF_DIR}
- --libdir=$(get_libdir)
-
- shared
- threads
- )
-
- edo perl "${S}/Configure" "${myeconfargs[@]}"
-}
-
-multilib_src_compile() {
- emake build_sw
-
- if multilib_is_native_abi; then
- emake build_docs
- fi
-}
-
-multilib_src_test() {
- # See https://github.com/openssl/openssl/blob/master/test/README.md for options.
- #
- # VFP = show subtests verbosely and show failed tests verbosely
- # Normal V=1 would show everything verbosely but this slows things down.
- #
- # -j1 here for https://github.com/openssl/openssl/issues/21999, but it
- # shouldn't matter as tests were already built earlier, and HARNESS_JOBS
- # controls running the tests.
- emake -Onone -j1 HARNESS_JOBS="$(makeopts_jobs)" VFP=1 test
-}
-
-multilib_src_install() {
- # Only -j1 is supported for the install targets:
- # https://github.com/openssl/openssl/issues/21999#issuecomment-1771150305
- emake DESTDIR="${D}" -j1 install_sw
- if use fips; then
- emake DESTDIR="${D}" -j1 install_fips
- # Regen this in pkg_preinst, bug 900625
- rm "${ED}${SSL_CNF_DIR}"/fipsmodule.cnf || die
- fi
-
- if multilib_is_native_abi; then
- emake DESTDIR="${D}" -j1 install_ssldirs
- emake DESTDIR="${D}" DOCDIR='$(INSTALLTOP)'/share/doc/${PF} -j1 install_docs
- fi
-
- # This is crappy in that the static archives are still built even
- # when USE=static-libs. But this is due to a failing in the openssl
- # build system: the static archives are built as PIC all the time.
- # Only way around this would be to manually configure+compile openssl
- # twice; once with shared lib support enabled and once without.
- if ! use static-libs ; then
- rm "${ED}"/usr/$(get_libdir)/lib{crypto,ssl}.a || die
- fi
-}
-
-multilib_src_install_all() {
- # openssl installs perl version of c_rehash by default, but
- # we provide a shell version via app-misc/c_rehash
- rm "${ED}"/usr/bin/c_rehash || die
-
- dodoc {AUTHORS,CHANGES,NEWS,README,README-PROVIDERS}.md doc/*.txt doc/${PN}-c-indent.el
-
- # Create the certs directory
- keepdir ${SSL_CNF_DIR}/certs
-
- # bug #254521
- dodir /etc/sandbox.d
- echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
-
- diropts -m0700
- keepdir ${SSL_CNF_DIR}/private
-}
-
-pkg_preinst() {
- if use fips; then
- # Regen fipsmodule.cnf, bug 900625
- ebegin "Running openssl fipsinstall"
- "${ED}/usr/bin/openssl" fipsinstall -quiet \
- -out "${ED}${SSL_CNF_DIR}/fipsmodule.cnf" \
- -module "${ED}/usr/$(get_libdir)/ossl-modules/fips.so"
- eend $?
- fi
-
- preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
- /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1)
-}
-
-pkg_postinst() {
- ebegin "Running 'openssl rehash ${EROOT}${SSL_CNF_DIR}/certs' to rebuild hashes (bug #333069)"
- openssl rehash "${EROOT}${SSL_CNF_DIR}/certs"
- eend $?
-
- preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
- /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1)
-}
diff --git a/dev-libs/openssl/openssl-3.3.1-r3.ebuild b/dev-libs/openssl/openssl-3.3.1-r3.ebuild
deleted file mode 100644
index 010402ea701f..000000000000
--- a/dev-libs/openssl/openssl-3.3.1-r3.ebuild
+++ /dev/null
@@ -1,311 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssl.org.asc
-inherit edo flag-o-matic linux-info toolchain-funcs
-inherit multilib multilib-minimal multiprocessing preserve-libs verify-sig
-
-DESCRIPTION="Robust, full-featured Open Source Toolkit for the Transport Layer Security (TLS)"
-HOMEPAGE="https://openssl-library.org/"
-
-MY_P=${P/_/-}
-
-if [[ ${PV} == 9999 ]] ; then
- EGIT_REPO_URI="https://github.com/openssl/openssl.git"
-
- inherit git-r3
-else
- SRC_URI="
- https://github.com/openssl/openssl/releases/download/${P}/${P}.tar.gz
- verify-sig? (
- https://github.com/openssl/openssl/releases/download/${P}/${P}.tar.gz.asc
- )
- "
-
- if [[ ${PV} != *_alpha* && ${PV} != *_beta* ]] ; then
- KEYWORDS="~alpha amd64 arm arm64 hppa ~loong ~m68k ~mips ~ppc ppc64 ~riscv ~s390 sparc x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
- fi
-fi
-
-S="${WORKDIR}"/${MY_P}
-
-LICENSE="Apache-2.0"
-SLOT="0/$(ver_cut 1)" # .so version of libssl/libcrypto
-IUSE="+asm cpu_flags_x86_sse2 fips ktls +quic rfc3779 sctp static-libs test tls-compression vanilla verify-sig weak-ssl-ciphers"
-RESTRICT="!test? ( test )"
-
-COMMON_DEPEND="
- !<net-misc/openssh-9.2_p1-r3
- tls-compression? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
-"
-BDEPEND="
- >=dev-lang/perl-5
- sctp? ( >=net-misc/lksctp-tools-1.0.12 )
- test? (
- sys-apps/diffutils
- app-alternatives/bc
- sys-process/procps
- )
- verify-sig? ( <sec-keys/openpgp-keys-openssl-20240920 )
-"
-DEPEND="${COMMON_DEPEND}"
-RDEPEND="${COMMON_DEPEND}"
-PDEPEND="app-misc/ca-certificates"
-
-MULTILIB_WRAPPED_HEADERS=(
- /usr/include/openssl/configuration.h
-)
-
-PATCHES=(
- # bug 936311, drop on next version bump
- "${FILESDIR}"/${P}-riscv.patch
- # https://bugs.gentoo.org/936793
- "${FILESDIR}"/openssl-3.3.1-pkg-config.patch
- # https://bugs.gentoo.org/936576
- "${FILESDIR}"/openssl-3.3.1-pkg-config-deux.patch
- # https://bugs.gentoo.org/937457
- "${FILESDIR}"/openssl-3.3.1-cmake-generator.patch
-)
-
-pkg_setup() {
- if use ktls ; then
- if kernel_is -lt 4 18 ; then
- ewarn "Kernel implementation of TLS (USE=ktls) requires kernel >=4.18!"
- else
- CONFIG_CHECK="~TLS ~TLS_DEVICE"
- ERROR_TLS="You will be unable to offload TLS to kernel because CONFIG_TLS is not set!"
- ERROR_TLS_DEVICE="You will be unable to offload TLS to kernel because CONFIG_TLS_DEVICE is not set!"
- use test && CONFIG_CHECK+=" ~CRYPTO_USER_API_SKCIPHER"
-
- linux-info_pkg_setup
- fi
- fi
-
- [[ ${MERGE_TYPE} == binary ]] && return
-
- # must check in pkg_setup; sysctl doesn't work with userpriv!
- if use test && use sctp ; then
- # test_ssl_new will fail with "Ensure SCTP AUTH chunks are enabled in kernel"
- # if sctp.auth_enable is not enabled.
- local sctp_auth_status=$(sysctl -n net.sctp.auth_enable 2>/dev/null)
- if [[ -z "${sctp_auth_status}" ]] || [[ ${sctp_auth_status} != 1 ]] ; then
- die "FEATURES=test with USE=sctp requires net.sctp.auth_enable=1!"
- fi
- fi
-}
-
-src_unpack() {
- # Can delete this once test fix patch is dropped
- if use verify-sig ; then
- # Needed for downloaded patch (which is unsigned, which is fine)
- verify-sig_verify_detached "${DISTDIR}"/${MY_P}.tar.gz{,.asc}
- fi
-
- default
-}
-
-src_prepare() {
- # Make sure we only ever touch Makefile.org and avoid patching a file
- # that gets blown away anyways by the Configure script in src_configure
- rm -f Makefile || die
-
- if ! use vanilla ; then
- PATCHES+=(
- # Add patches which are Gentoo-specific customisations here
- )
- fi
-
- default
-
- if use test && use sctp && has network-sandbox ${FEATURES} ; then
- einfo "Disabling test '80-test_ssl_new.t' which is known to fail with FEATURES=network-sandbox ..."
- rm test/recipes/80-test_ssl_new.t || die
- fi
-
- # Test fails depending on kernel configuration, bug #699134
- rm test/recipes/30-test_afalg.t || die
-}
-
-src_configure() {
- # Keep this in sync with app-misc/c_rehash
- SSL_CNF_DIR="/etc/ssl"
-
- # Quiet out unknown driver argument warnings since openssl
- # doesn't have well-split CFLAGS and we're making it even worse
- # and 'make depend' uses -Werror for added fun (bug #417795 again)
- tc-is-clang && append-flags -Qunused-arguments
-
- # We really, really need to build OpenSSL w/ strict aliasing disabled.
- # It's filled with violations and it *will* result in miscompiled
- # code. This has been in the ebuild for > 10 years but even in 2022,
- # it's still relevant:
- # - https://github.com/llvm/llvm-project/issues/55255
- # - https://github.com/openssl/openssl/issues/12247
- # - https://github.com/openssl/openssl/issues/18225
- # - https://github.com/openssl/openssl/issues/18663#issuecomment-1181478057
- # Don't remove the no strict aliasing bits below!
- filter-flags -fstrict-aliasing
- append-flags -fno-strict-aliasing
- # The OpenSSL developers don't test with LTO right now, it leads to various
- # warnings/errors (which may or may not be false positives), it's considered
- # unsupported, and it's not tested in CI: https://github.com/openssl/openssl/issues/18663.
- filter-lto
-
- append-flags $(test-flags-CC -Wa,--noexecstack)
-
- # bug #895308 -- check inserts GNU ld-compatible arguments
- [[ ${CHOST} == *-darwin* ]] || append-atomic-flags
- # Configure doesn't respect LIBS
- export LDLIBS="${LIBS}"
-
- # bug #197996
- unset APPS
- # bug #312551
- unset SCRIPTS
- # bug #311473
- unset CROSS_COMPILE
-
- tc-export AR CC CXX RANLIB RC
-
- multilib-minimal_src_configure
-}
-
-multilib_src_configure() {
- use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
-
- local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
-
- # See if our toolchain supports __uint128_t. If so, it's 64bit
- # friendly and can use the nicely optimized code paths, bug #460790.
- #local ec_nistp_64_gcc_128
- #
- # Disable it for now though (bug #469976)
- # Do NOT re-enable without substantial discussion first!
- #
- #echo "__uint128_t i;" > "${T}"/128.c
- #if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
- # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
- #fi
-
- local sslout=$(bash "${FILESDIR}/gentoo.config-1.0.4")
- einfo "Using configuration: ${sslout:-(openssl knows best)}"
-
- # https://github.com/openssl/openssl/blob/master/INSTALL.md#enable-and-disable-features
- local myeconfargs=(
- ${sslout}
-
- $(multilib_is_native_abi || echo "no-docs")
- $(use cpu_flags_x86_sse2 || echo "no-sse2")
- enable-camellia
- enable-ec
- enable-ec2m
- enable-sm2
- enable-srp
- $(use elibc_musl && echo "no-async")
- enable-idea
- enable-mdc2
- enable-rc5
- $(use fips && echo "enable-fips")
- $(use quic && echo "enable-quic")
- $(use_ssl asm)
- $(use_ssl ktls)
- $(use_ssl rfc3779)
- $(use_ssl sctp)
- $(use test || echo "no-tests")
- $(use_ssl tls-compression zlib)
- $(use_ssl weak-ssl-ciphers)
-
- --prefix="${EPREFIX}"/usr
- --openssldir="${EPREFIX}"${SSL_CNF_DIR}
- --libdir=$(get_libdir)
-
- shared
- threads
- )
-
- edo perl "${S}/Configure" "${myeconfargs[@]}"
-}
-
-multilib_src_compile() {
- emake build_sw
-}
-
-multilib_src_test() {
- # See https://github.com/openssl/openssl/blob/master/test/README.md for options.
- #
- # VFP = show subtests verbosely and show failed tests verbosely
- # Normal V=1 would show everything verbosely but this slows things down.
- #
- # -j1 here for https://github.com/openssl/openssl/issues/21999, but it
- # shouldn't matter as tests were already built earlier, and HARNESS_JOBS
- # controls running the tests.
- emake -Onone -j1 HARNESS_JOBS="$(makeopts_jobs)" VFP=1 test
-}
-
-multilib_src_install() {
- # Only -j1 is supported for the install targets:
- # https://github.com/openssl/openssl/issues/21999#issuecomment-1771150305
- emake DESTDIR="${D}" -j1 install_sw
- if use fips; then
- emake DESTDIR="${D}" -j1 install_fips
- # Regen this in pkg_preinst, bug 900625
- rm "${ED}${SSL_CNF_DIR}"/fipsmodule.cnf || die
- fi
-
- if multilib_is_native_abi; then
- emake DESTDIR="${D}" -j1 install_ssldirs
- emake DESTDIR="${D}" DOCDIR='$(INSTALLTOP)'/share/doc/${PF} -j1 install_docs
- fi
-
- # This is crappy in that the static archives are still built even
- # when USE=static-libs. But this is due to a failing in the openssl
- # build system: the static archives are built as PIC all the time.
- # Only way around this would be to manually configure+compile openssl
- # twice; once with shared lib support enabled and once without.
- if ! use static-libs ; then
- rm "${ED}"/usr/$(get_libdir)/lib{crypto,ssl}.a || die
- fi
-}
-
-multilib_src_install_all() {
- # openssl installs perl version of c_rehash by default, but
- # we provide a shell version via app-misc/c_rehash
- rm "${ED}"/usr/bin/c_rehash || die
-
- dodoc {AUTHORS,CHANGES,NEWS,README,README-PROVIDERS}.md doc/*.txt doc/${PN}-c-indent.el
-
- # Create the certs directory
- keepdir ${SSL_CNF_DIR}/certs
-
- # bug #254521
- dodir /etc/sandbox.d
- echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
-
- diropts -m0700
- keepdir ${SSL_CNF_DIR}/private
-}
-
-pkg_preinst() {
- if use fips; then
- # Regen fipsmodule.cnf, bug 900625
- ebegin "Running openssl fipsinstall"
- "${ED}/usr/bin/openssl" fipsinstall -quiet \
- -out "${ED}${SSL_CNF_DIR}/fipsmodule.cnf" \
- -module "${ED}/usr/$(get_libdir)/ossl-modules/fips.so"
- eend $?
- fi
-
- preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
- /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1)
-}
-
-pkg_postinst() {
- ebegin "Running 'openssl rehash ${EROOT}${SSL_CNF_DIR}/certs' to rebuild hashes (bug #333069)"
- openssl rehash "${EROOT}${SSL_CNF_DIR}/certs"
- eend $?
-
- preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
- /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1)
-}