Date: Tuesday, September 27, 2016 @ 13:57:04
  Author: pierre
Revision: 277043

archrelease: copy trunk to testing-i686, testing-x86_64

Added:
  openssl/repos/testing-i686/
  openssl/repos/testing-i686/PKGBUILD
    (from rev 277042, openssl/trunk/PKGBUILD)
  openssl/repos/testing-i686/ca-dir.patch
    (from rev 277042, openssl/trunk/ca-dir.patch)
  openssl/repos/testing-i686/no-rpath.patch
    (from rev 277042, openssl/trunk/no-rpath.patch)
  openssl/repos/testing-i686/ssl3-test-failure.patch
    (from rev 277042, openssl/trunk/ssl3-test-failure.patch)
  openssl/repos/testing-x86_64/
  openssl/repos/testing-x86_64/PKGBUILD
    (from rev 277042, openssl/trunk/PKGBUILD)
  openssl/repos/testing-x86_64/ca-dir.patch
    (from rev 277042, openssl/trunk/ca-dir.patch)
  openssl/repos/testing-x86_64/no-rpath.patch
    (from rev 277042, openssl/trunk/no-rpath.patch)
  openssl/repos/testing-x86_64/ssl3-test-failure.patch
    (from rev 277042, openssl/trunk/ssl3-test-failure.patch)

----------------------------------------+
 testing-i686/PKGBUILD                  |   77 +++++++++++++++++++++++++++++++
 testing-i686/ca-dir.patch              |   33 +++++++++++++
 testing-i686/no-rpath.patch            |   11 ++++
 testing-i686/ssl3-test-failure.patch   |   26 ++++++++++
 testing-x86_64/PKGBUILD                |   77 +++++++++++++++++++++++++++++++
 testing-x86_64/ca-dir.patch            |   33 +++++++++++++
 testing-x86_64/no-rpath.patch          |   11 ++++
 testing-x86_64/ssl3-test-failure.patch |   26 ++++++++++
 8 files changed, 294 insertions(+)

Copied: openssl/repos/testing-i686/PKGBUILD (from rev 277042, 
openssl/trunk/PKGBUILD)
===================================================================
--- testing-i686/PKGBUILD                               (rev 0)
+++ testing-i686/PKGBUILD       2016-09-27 13:57:04 UTC (rev 277043)
@@ -0,0 +1,77 @@
+# $Id$
+# Maintainer: Pierre Schmitz <pie...@archlinux.de>
+
+pkgname=openssl
+_ver=1.0.2j
+# use a pacman compatible version scheme
+pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}}
+#pkgver=$_ver
+pkgrel=1
+pkgdesc='The Open Source toolkit for Secure Sockets Layer and Transport Layer 
Security'
+arch=('i686' 'x86_64')
+url='https://www.openssl.org'
+license=('custom:BSD')
+depends=('perl')
+optdepends=('ca-certificates')
+options=('!makeflags')
+backup=('etc/ssl/openssl.cnf')
+source=("https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz";
+        "https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz.asc";
+        'no-rpath.patch'
+        'ssl3-test-failure.patch'
+        'ca-dir.patch')
+md5sums=('96322138f0b69e61b7212bc53d5e912b'
+         'SKIP'
+         'dc78d3d06baffc16217519242ce92478'
+         '62fc492252edd3283871632bb77fadbe'
+         '3bf51be3a1bbd262be46dc619f92aa90')
+validpgpkeys=('8657ABB260F056B1E5190839D9C4D26D0E604491')
+
+prepare() {
+       cd $srcdir/$pkgname-$_ver
+
+       # remove rpath: http://bugs.archlinux.org/task/14367
+       patch -p0 -i $srcdir/no-rpath.patch
+
+       # disable a test that fails when ssl3 is disabled
+       patch -p1 -i $srcdir/ssl3-test-failure.patch
+
+       # set ca dir to /etc/ssl by default
+       patch -p0 -i $srcdir/ca-dir.patch
+}
+
+build() {
+       cd $srcdir/$pkgname-$_ver
+
+       if [ "${CARCH}" == 'x86_64' ]; then
+               openssltarget='linux-x86_64'
+               optflags='enable-ec_nistp_64_gcc_128'
+       elif [ "${CARCH}" == 'i686' ]; then
+               openssltarget='linux-elf'
+               optflags=''
+       fi
+
+       # mark stack as non-executable: http://bugs.archlinux.org/task/12434
+       ./Configure --prefix=/usr --openssldir=/etc/ssl --libdir=lib \
+               shared no-ssl3-method ${optflags} \
+               "${openssltarget}" \
+               "-Wa,--noexecstack ${CPPFLAGS} ${CFLAGS} ${LDFLAGS}"
+
+       make depend
+       make
+}
+
+check() {
+       cd $srcdir/$pkgname-$_ver
+       # the test fails due to missing write permissions in /etc/ssl
+       # revert this patch for make test
+       patch -p0 -R -i $srcdir/ca-dir.patch
+       make test
+       patch -p0 -i $srcdir/ca-dir.patch
+}
+
+package() {
+       cd $srcdir/$pkgname-$_ver
+       make INSTALL_PREFIX=$pkgdir MANDIR=/usr/share/man MANSUFFIX=ssl install
+       install -D -m644 LICENSE $pkgdir/usr/share/licenses/$pkgname/LICENSE
+}

Copied: openssl/repos/testing-i686/ca-dir.patch (from rev 277042, 
openssl/trunk/ca-dir.patch)
===================================================================
--- testing-i686/ca-dir.patch                           (rev 0)
+++ testing-i686/ca-dir.patch   2016-09-27 13:57:04 UTC (rev 277043)
@@ -0,0 +1,33 @@
+--- apps/CA.pl.in      2006-04-28 02:30:49.000000000 +0200
++++ apps/CA.pl.in      2010-04-01 00:35:02.600553509 +0200
+@@ -53,7 +53,7 @@
+ $X509="$openssl x509";
+ $PKCS12="$openssl pkcs12";
+ 
+-$CATOP="./demoCA";
++$CATOP="/etc/ssl";
+ $CAKEY="cakey.pem";
+ $CAREQ="careq.pem";
+ $CACERT="cacert.pem";
+--- apps/CA.sh 2009-10-15 19:27:47.000000000 +0200
++++ apps/CA.sh 2010-04-01 00:35:02.600553509 +0200
+@@ -68,7 +68,7 @@
+ X509="$OPENSSL x509"
+ PKCS12="openssl pkcs12"
+ 
+-if [ -z "$CATOP" ] ; then CATOP=./demoCA ; fi
++if [ -z "$CATOP" ] ; then CATOP=/etc/ssl ; fi
+ CAKEY=./cakey.pem
+ CAREQ=./careq.pem
+ CACERT=./cacert.pem
+--- apps/openssl.cnf   2009-04-04 20:09:43.000000000 +0200
++++ apps/openssl.cnf   2010-04-01 00:35:02.607220681 +0200
+@@ -39,7 +39,7 @@
+ ####################################################################
+ [ CA_default ]
+ 
+-dir           = ./demoCA              # Where everything is kept
++dir           = /etc/ssl              # Where everything is kept
+ certs         = $dir/certs            # Where the issued certs are kept
+ crl_dir               = $dir/crl              # Where the issued crl are kept
+ database      = $dir/index.txt        # database index file.

Copied: openssl/repos/testing-i686/no-rpath.patch (from rev 277042, 
openssl/trunk/no-rpath.patch)
===================================================================
--- testing-i686/no-rpath.patch                         (rev 0)
+++ testing-i686/no-rpath.patch 2016-09-27 13:57:04 UTC (rev 277043)
@@ -0,0 +1,11 @@
+--- Makefile.shared.no-rpath   2005-06-23 22:47:54.000000000 +0200
++++ Makefile.shared    2005-11-16 22:35:37.000000000 +0100
+@@ -153,7 +153,7 @@
+       NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
+       SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic 
-Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
+ 
+-DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"
++DO_GNU_APP=LDFLAGS="$(CFLAGS)"
+ 
+ #This is rather special.  It's a special target with which one can link
+ #applications without bothering with any features that have anything to

Copied: openssl/repos/testing-i686/ssl3-test-failure.patch (from rev 277042, 
openssl/trunk/ssl3-test-failure.patch)
===================================================================
--- testing-i686/ssl3-test-failure.patch                                (rev 0)
+++ testing-i686/ssl3-test-failure.patch        2016-09-27 13:57:04 UTC (rev 
277043)
@@ -0,0 +1,26 @@
+From: Kurt Roeckx <k...@roeckx.be>
+Date: Sun, 6 Sep 2015 16:04:11 +0200
+Subject: Disable SSLv3 test in test suite
+
+When testing SSLv3 the test program returns 0 for skip.  The test for weak DH
+expects a failure, but gets success.
+
+It should probably be changed to return something other than 0 for a skipped
+test.
+---
+ test/testssl | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/test/testssl b/test/testssl
+index 747e4ba..1e4370b 100644
+--- a/test/testssl
++++ b/test/testssl
+@@ -160,7 +160,7 @@ test_cipher() {
+ }
+ 
+ echo "Testing ciphersuites"
+-for protocol in TLSv1.2 SSLv3; do
++for protocol in TLSv1.2; do
+   echo "Testing ciphersuites for $protocol"
+   for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers 
"RSA+$protocol" | tr ':' ' '`; do
+     test_cipher $cipher $protocol

Copied: openssl/repos/testing-x86_64/PKGBUILD (from rev 277042, 
openssl/trunk/PKGBUILD)
===================================================================
--- testing-x86_64/PKGBUILD                             (rev 0)
+++ testing-x86_64/PKGBUILD     2016-09-27 13:57:04 UTC (rev 277043)
@@ -0,0 +1,77 @@
+# $Id$
+# Maintainer: Pierre Schmitz <pie...@archlinux.de>
+
+pkgname=openssl
+_ver=1.0.2j
+# use a pacman compatible version scheme
+pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}}
+#pkgver=$_ver
+pkgrel=1
+pkgdesc='The Open Source toolkit for Secure Sockets Layer and Transport Layer 
Security'
+arch=('i686' 'x86_64')
+url='https://www.openssl.org'
+license=('custom:BSD')
+depends=('perl')
+optdepends=('ca-certificates')
+options=('!makeflags')
+backup=('etc/ssl/openssl.cnf')
+source=("https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz";
+        "https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz.asc";
+        'no-rpath.patch'
+        'ssl3-test-failure.patch'
+        'ca-dir.patch')
+md5sums=('96322138f0b69e61b7212bc53d5e912b'
+         'SKIP'
+         'dc78d3d06baffc16217519242ce92478'
+         '62fc492252edd3283871632bb77fadbe'
+         '3bf51be3a1bbd262be46dc619f92aa90')
+validpgpkeys=('8657ABB260F056B1E5190839D9C4D26D0E604491')
+
+prepare() {
+       cd $srcdir/$pkgname-$_ver
+
+       # remove rpath: http://bugs.archlinux.org/task/14367
+       patch -p0 -i $srcdir/no-rpath.patch
+
+       # disable a test that fails when ssl3 is disabled
+       patch -p1 -i $srcdir/ssl3-test-failure.patch
+
+       # set ca dir to /etc/ssl by default
+       patch -p0 -i $srcdir/ca-dir.patch
+}
+
+build() {
+       cd $srcdir/$pkgname-$_ver
+
+       if [ "${CARCH}" == 'x86_64' ]; then
+               openssltarget='linux-x86_64'
+               optflags='enable-ec_nistp_64_gcc_128'
+       elif [ "${CARCH}" == 'i686' ]; then
+               openssltarget='linux-elf'
+               optflags=''
+       fi
+
+       # mark stack as non-executable: http://bugs.archlinux.org/task/12434
+       ./Configure --prefix=/usr --openssldir=/etc/ssl --libdir=lib \
+               shared no-ssl3-method ${optflags} \
+               "${openssltarget}" \
+               "-Wa,--noexecstack ${CPPFLAGS} ${CFLAGS} ${LDFLAGS}"
+
+       make depend
+       make
+}
+
+check() {
+       cd $srcdir/$pkgname-$_ver
+       # the test fails due to missing write permissions in /etc/ssl
+       # revert this patch for make test
+       patch -p0 -R -i $srcdir/ca-dir.patch
+       make test
+       patch -p0 -i $srcdir/ca-dir.patch
+}
+
+package() {
+       cd $srcdir/$pkgname-$_ver
+       make INSTALL_PREFIX=$pkgdir MANDIR=/usr/share/man MANSUFFIX=ssl install
+       install -D -m644 LICENSE $pkgdir/usr/share/licenses/$pkgname/LICENSE
+}

Copied: openssl/repos/testing-x86_64/ca-dir.patch (from rev 277042, 
openssl/trunk/ca-dir.patch)
===================================================================
--- testing-x86_64/ca-dir.patch                         (rev 0)
+++ testing-x86_64/ca-dir.patch 2016-09-27 13:57:04 UTC (rev 277043)
@@ -0,0 +1,33 @@
+--- apps/CA.pl.in      2006-04-28 02:30:49.000000000 +0200
++++ apps/CA.pl.in      2010-04-01 00:35:02.600553509 +0200
+@@ -53,7 +53,7 @@
+ $X509="$openssl x509";
+ $PKCS12="$openssl pkcs12";
+ 
+-$CATOP="./demoCA";
++$CATOP="/etc/ssl";
+ $CAKEY="cakey.pem";
+ $CAREQ="careq.pem";
+ $CACERT="cacert.pem";
+--- apps/CA.sh 2009-10-15 19:27:47.000000000 +0200
++++ apps/CA.sh 2010-04-01 00:35:02.600553509 +0200
+@@ -68,7 +68,7 @@
+ X509="$OPENSSL x509"
+ PKCS12="openssl pkcs12"
+ 
+-if [ -z "$CATOP" ] ; then CATOP=./demoCA ; fi
++if [ -z "$CATOP" ] ; then CATOP=/etc/ssl ; fi
+ CAKEY=./cakey.pem
+ CAREQ=./careq.pem
+ CACERT=./cacert.pem
+--- apps/openssl.cnf   2009-04-04 20:09:43.000000000 +0200
++++ apps/openssl.cnf   2010-04-01 00:35:02.607220681 +0200
+@@ -39,7 +39,7 @@
+ ####################################################################
+ [ CA_default ]
+ 
+-dir           = ./demoCA              # Where everything is kept
++dir           = /etc/ssl              # Where everything is kept
+ certs         = $dir/certs            # Where the issued certs are kept
+ crl_dir               = $dir/crl              # Where the issued crl are kept
+ database      = $dir/index.txt        # database index file.

Copied: openssl/repos/testing-x86_64/no-rpath.patch (from rev 277042, 
openssl/trunk/no-rpath.patch)
===================================================================
--- testing-x86_64/no-rpath.patch                               (rev 0)
+++ testing-x86_64/no-rpath.patch       2016-09-27 13:57:04 UTC (rev 277043)
@@ -0,0 +1,11 @@
+--- Makefile.shared.no-rpath   2005-06-23 22:47:54.000000000 +0200
++++ Makefile.shared    2005-11-16 22:35:37.000000000 +0100
+@@ -153,7 +153,7 @@
+       NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
+       SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic 
-Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
+ 
+-DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"
++DO_GNU_APP=LDFLAGS="$(CFLAGS)"
+ 
+ #This is rather special.  It's a special target with which one can link
+ #applications without bothering with any features that have anything to

Copied: openssl/repos/testing-x86_64/ssl3-test-failure.patch (from rev 277042, 
openssl/trunk/ssl3-test-failure.patch)
===================================================================
--- testing-x86_64/ssl3-test-failure.patch                              (rev 0)
+++ testing-x86_64/ssl3-test-failure.patch      2016-09-27 13:57:04 UTC (rev 
277043)
@@ -0,0 +1,26 @@
+From: Kurt Roeckx <k...@roeckx.be>
+Date: Sun, 6 Sep 2015 16:04:11 +0200
+Subject: Disable SSLv3 test in test suite
+
+When testing SSLv3 the test program returns 0 for skip.  The test for weak DH
+expects a failure, but gets success.
+
+It should probably be changed to return something other than 0 for a skipped
+test.
+---
+ test/testssl | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/test/testssl b/test/testssl
+index 747e4ba..1e4370b 100644
+--- a/test/testssl
++++ b/test/testssl
+@@ -160,7 +160,7 @@ test_cipher() {
+ }
+ 
+ echo "Testing ciphersuites"
+-for protocol in TLSv1.2 SSLv3; do
++for protocol in TLSv1.2; do
+   echo "Testing ciphersuites for $protocol"
+   for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers 
"RSA+$protocol" | tr ':' ' '`; do
+     test_cipher $cipher $protocol

Reply via email to