commit: 854e41602f005250f34368be3a3cc5be5615663c
Author: Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Tue Oct 3 03:13:03 2023 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Tue Oct 3 03:13:03 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=854e4160
dev-libs/openssl: drop 1.1.1v
Signed-off-by: Sam James <sam <AT> gentoo.org>
dev-libs/openssl/Manifest | 2 -
dev-libs/openssl/openssl-1.1.1v.ebuild | 265 ---------------------------------
2 files changed, 267 deletions(-)
diff --git a/dev-libs/openssl/Manifest b/dev-libs/openssl/Manifest
index 33b9b25abf15..890b05d86e5b 100644
--- a/dev-libs/openssl/Manifest
+++ b/dev-libs/openssl/Manifest
@@ -3,8 +3,6 @@ DIST openssl-1.0.2t-bindist-1.0.tar.xz 13872 BLAKE2B
b2aade96a6e0ca6209a39e205b1
DIST openssl-1.0.2u.tar.gz 5355412 BLAKE2B
b2ff2a10e5851af5aca4093422a9a072c794e87b997263826c1c35910c040f695fac63decac5856cb49399ed03d410f97701d9fd4e1ebfbcacd8f3a74ce8bf57
SHA512
c455bb309e20e2c2d47fdc5619c734d107d5c8c38c1409903ce979acc120b0d5fa0312917c0aa0d630e402d092a703d4249643f36078e8528a3cafc9dac6ab32
DIST openssl-1.1.1u.tar.gz 9892176 BLAKE2B
5de9cb856e497596ecba008bad6515eefd093849b9c66dd7447031723996f3ba66ac37a323a5f7d01b1d42df4daaceb523372f5897d5c53b935ffab91c566594
SHA512
d00aeb0b4c4676deff06ff95af7ac33dd683b92f972b4a8ae55cf384bb37c7ec30ab83c6c0745daf87cf1743a745fced6a347fd11fed4c548aa0953610ed4919
DIST openssl-1.1.1u.tar.gz.asc 833 BLAKE2B
7a978a94264a14be04372fea39868e9177e8a0b0f24344267702022e19ee0f52e91ad141d7c54da870f7ec0df9b2e43b80939f1d274dd0b44d36da2670e3a468
SHA512
40245d65ace95b2002bf64bcba184c92fec3420b08d9f61f3a709c4842e9478595105d8adce33a08eb98d351d2a0989ec342b08cdd9104498ea0543b6e592d28
-DIST openssl-1.1.1v.tar.gz 9893443 BLAKE2B
9b3066d1911466dec909052667aafe9b974d2fa0a9798105b7501d62300e5a61a154fb94e633e46918303e9fcc1afc077e6efb5727eb967b75a795d8e2ed60a7
SHA512
1a67340d99026aa62bf50ff89165d9f77fe4a6690fe30d1751b5021dd3f238391afd581b41724687c322c4e3af1770c44a63766a06e9b8cab6425101153e0c7e
-DIST openssl-1.1.1v.tar.gz.asc 833 BLAKE2B
a851629231591679c37a53342a7da565879fe626ce56ee586184c6e3694ee9cb15cf10b52e6ef17eac6cb25b66e3d50d1a703d42a5056a51f1567178956bfb11
SHA512
3e188f60d57f844fda6e6382623cb082e18d7caec38f9e6ab13d8d101ca0b0d234cfd7aba041ab975d5cd168c1ec0f147ff8a77e515a416461bfd108cb4244e0
DIST openssl-1.1.1w.tar.gz 9893384 BLAKE2B
2fdba6ca0188928ab2f74e606136afca66cfa0467170fa6298ef160b64ac6fdcad1e81e5dd14013ce0e9921d0f7417edec531cd0beaf1196fec704c2c6d48395
SHA512
b4c625fe56a4e690b57b6a011a225ad0cb3af54bd8fb67af77b5eceac55cc7191291d96a660c5b568a08a2fbf62b4612818e7cca1bb95b2b6b4fc649b0552b6d
DIST openssl-1.1.1w.tar.gz.asc 833 BLAKE2B
d990be69ed913509d52b78e7473668429d4485adb29ef03e4612dd0cadbac4f04c7289d8e5baf6f397bcedeaac9f802f18fc719964d882ae0514ed1ca16ae277
SHA512
0f3d7aa48b1cabf8dd43e8108aeed10a4dffb4f5a244d4da9c86ea358b0c8b90c46da561d21e01c567c2f5035d824ed82ec104aad1776b7f33a1be85990e98ef
DIST openssl-3.0.10.tar.gz 15194904 BLAKE2B
8bb3bd02b8dc64441ebfea98c4778d3ee0794540186904371a5aed81cb4f6d6903809bf97faafbc2a719617353234484f0d610f2806621229131fdad343f7231
SHA512
fc12f3beed5e2d2f4767aeb772ceb6ba26f6cbfabc247765854108266b27a1223134f0e81735867a9069bc9c07a14b9816e85903cef91bd1b90f781f0b98b61a
diff --git a/dev-libs/openssl/openssl-1.1.1v.ebuild
b/dev-libs/openssl/openssl-1.1.1v.ebuild
deleted file mode 100644
index 7440cf3d3dcc..000000000000
--- a/dev-libs/openssl/openssl-1.1.1v.ebuild
+++ /dev/null
@@ -1,265 +0,0 @@
-# Copyright 1999-2023 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/openssl.org.asc
-inherit edo flag-o-matic toolchain-funcs multilib-minimal verify-sig
-
-MY_P=${P/_/-}
-DESCRIPTION="Full-strength general purpose cryptography library (including SSL
and TLS)"
-HOMEPAGE="https://www.openssl.org/";
-SRC_URI="mirror://openssl/source/${MY_P}.tar.gz
- verify-sig? ( mirror://openssl/source/${MY_P}.tar.gz.asc )"
-S="${WORKDIR}/${MY_P}"
-
-LICENSE="openssl"
-SLOT="0/1.1" # .so version of libssl/libcrypto
-if [[ ${PV} != *_pre* ]] ; then
- KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc
~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos
~x64-macos ~x64-solaris"
-fi
-IUSE="+asm rfc3779 sctp cpu_flags_x86_sse2 sslv3 static-libs test
tls-compression tls-heartbeat vanilla verify-sig weak-ssl-ciphers"
-RESTRICT="!test? ( test )"
-
-RDEPEND="
- tls-compression? (
>=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )"
-DEPEND="${RDEPEND}"
-BDEPEND="
- >=dev-lang/perl-5
- sctp? ( >=net-misc/lksctp-tools-1.0.12 )
- test? (
- sys-apps/diffutils
- sys-devel/bc
- kernel_linux? ( sys-process/procps )
- )
- verify-sig? ( >=sec-keys/openpgp-keys-openssl-20230801 )"
-PDEPEND="app-misc/ca-certificates"
-
-# force upgrade to prevent broken login, bug #696950
-RDEPEND+=" !<net-misc/openssh-8.0_p1-r3"
-
-MULTILIB_WRAPPED_HEADERS=(
- usr/include/openssl/opensslconf.h
-)
-
-PATCHES=(
- # General patches which are suitable to always apply
- # If they're Gentoo specific, add to USE=-vanilla logic in src_prepare!
- "${FILESDIR}"/${PN}-1.1.0j-parallel_install_fix.patch # bug #671602
- "${FILESDIR}"/${PN}-1.1.1i-riscv32.patch
-)
-
-pkg_setup() {
- [[ ${MERGE_TYPE} == binary ]] && return
-
- # must check in pkg_setup; sysctl doesn't work with userpriv!
- if use test && use sctp; then
- # test_ssl_new will fail with "Ensure SCTP AUTH chunks are
enabled in kernel"
- # if sctp.auth_enable is not enabled.
- local sctp_auth_status=$(sysctl -n net.sctp.auth_enable
2>/dev/null)
- if [[ -z "${sctp_auth_status}" ]] || [[ ${sctp_auth_status} !=
1 ]]; then
- die "FEATURES=test with USE=sctp requires
net.sctp.auth_enable=1!"
- fi
- fi
-}
-
-src_unpack() {
- # Can delete this once test fix patch is dropped
- if use verify-sig ; then
- # Needed for downloaded patch (which is unsigned, which is fine)
- verify-sig_verify_detached "${DISTDIR}"/${MY_P}.tar.gz{,.asc}
- fi
-
- default
-}
-
-src_prepare() {
- # Make sure we only ever touch Makefile.org and avoid patching a file
- # that gets blown away anyways by the Configure script in src_configure
- rm -f Makefile
-
- if ! use vanilla ; then
- PATCHES+=(
- # Add patches which are Gentoo-specific customisations
here
- )
- fi
-
- default
-
- if use test && use sctp && has network-sandbox ${FEATURES}; then
- einfo "Disabling test '80-test_ssl_new.t' which is known to
fail with FEATURES=network-sandbox ..."
- rm test/recipes/80-test_ssl_new.t || die
- fi
-
- # Test fails depending on kernel configuration, bug #699134
- rm test/recipes/30-test_afalg.t || die
-
- # Remove test target when FEATURES=test isn't set
- if ! use test ; then
- sed \
- -e '/^$config{dirs}/s@ "test",@@' \
- -i Configure || die
- fi
-
- if use prefix && [[ ${CHOST} == *-solaris* ]] ; then
- # use GNU ld full option, not to confuse it on Solaris
- sed -i \
- -e 's/-Wl,-M,/-Wl,--version-script=/' \
- -e 's/-Wl,-h,/-Wl,--soname=/' \
- Configurations/10-main.conf || die
- fi
-
- # The config script does stupid stuff to prompt the user. Kill it.
- sed -i '/stty -icanon min 0 time 50; read waste/d' config || die
-}
-
-src_configure() {
- # Keep this in sync with app-misc/c_rehash
- SSL_CNF_DIR="/etc/ssl"
-
- # Quiet out unknown driver argument warnings since openssl
- # doesn't have well-split CFLAGS and we're making it even worse
- # and 'make depend' uses -Werror for added fun (bug #417795 again)
- tc-is-clang && append-flags -Qunused-arguments
-
- # We really, really need to build OpenSSL w/ strict aliasing disabled.
- # It's filled with violations and it *will* result in miscompiled
- # code. This has been in the ebuild for > 10 years but even in 2022,
- # it's still relevant:
- # - https://github.com/llvm/llvm-project/issues/55255
- # - https://github.com/openssl/openssl/issues/18225
- # -
https://github.com/openssl/openssl/issues/18663#issuecomment-1181478057
- # Don't remove the no strict aliasing bits below!
- filter-flags -fstrict-aliasing
- append-flags -fno-strict-aliasing
- # The OpenSSL developers don't test with LTO right now, it leads to
various
- # warnings/errors (which may or may not be false positives), it's
considered
- # unsupported, and it's not tested in CI:
https://github.com/openssl/openssl/issues/18663.
- filter-lto
-
- append-cppflags -DOPENSSL_NO_BUF_FREELISTS
-
- append-flags $(test-flags-CC -Wa,--noexecstack)
-
- # bug #197996
- unset APPS
- # bug #312551
- unset SCRIPTS
- # bug #311473
- unset CROSS_COMPILE
-
- tc-export AR CC CXX RANLIB RC
-
- multilib-minimal_src_configure
-}
-
-multilib_src_configure() {
- use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
-
- local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo
"Heimdal")
-
- # See if our toolchain supports __uint128_t. If so, it's 64bit
- # friendly and can use the nicely optimized code paths, bug #460790.
- #local ec_nistp_64_gcc_128
- #
- # Disable it for now though (bug #469976)
- # Do NOT re-enable without substantial discussion first!
- #
- #echo "__uint128_t i;" > "${T}"/128.c
- #if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
- # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
- #fi
-
- local sslout=$(bash "${FILESDIR}/gentoo.config-1.0.4")
- einfo "Use configuration ${sslout:-(openssl knows best)}"
- local config=( perl "${S}/Configure" )
- [[ -z ${sslout} ]] && config=( sh "${S}/config" -v )
-
- # "disable-deprecated" option breaks too many consumers.
- # Don't set it without thorough revdeps testing.
- # Make sure user flags don't get added *yet* to avoid duplicated
- # flags.
- local myeconfargs=(
- ${sslout}
-
- $(use cpu_flags_x86_sse2 || echo "no-sse2")
- enable-camellia
- enable-ec
- enable-ec2m
- enable-sm2
- enable-srp
- $(use elibc_musl && echo "no-async")
- ${ec_nistp_64_gcc_128}
- enable-idea
- enable-mdc2
- enable-rc5
- $(use_ssl sslv3 ssl3)
- $(use_ssl sslv3 ssl3-method)
- $(use_ssl asm)
- $(use_ssl rfc3779)
- $(use_ssl sctp)
- $(use test || echo "no-tests")
- $(use_ssl tls-compression zlib)
- $(use_ssl tls-heartbeat heartbeats)
- $(use_ssl weak-ssl-ciphers)
-
- --prefix="${EPREFIX}"/usr
- --openssldir="${EPREFIX}"${SSL_CNF_DIR}
- --libdir=$(get_libdir)
-
- shared
- threads
- )
-
- edo "${config[@]}" "${myeconfargs[@]}"
-}
-
-multilib_src_compile() {
- emake all
-}
-
-multilib_src_test() {
- emake -j1 test
-}
-
-multilib_src_install() {
- emake DESTDIR="${D}" install_sw
-
- if multilib_is_native_abi; then
- emake DESTDIR="${D}" install_ssldirs
- emake DESTDIR="${D}" DOCDIR='$(INSTALLTOP)'/share/doc/${PF}
MANSUFFIX=ssl install_docs
- fi
-
- # This is crappy in that the static archives are still built even
- # when USE=static-libs. But this is due to a failing in the openssl
- # build system: the static archives are built as PIC all the time.
- # Only way around this would be to manually configure+compile openssl
- # twice; once with shared lib support enabled and once without.
- if ! use static-libs; then
- rm "${ED}"/usr/$(get_libdir)/lib{crypto,ssl}.a || die
- fi
-}
-
-multilib_src_install_all() {
- # openssl installs perl version of c_rehash by default, but
- # we provide a shell version via app-misc/c_rehash
- rm "${ED}"/usr/bin/c_rehash || die
-
- dodoc CHANGES* FAQ NEWS README doc/*.txt doc/${PN}-c-indent.el
-
- # Create the certs directory
- keepdir ${SSL_CNF_DIR}/certs
-
- # bug #254521
- dodir /etc/sandbox.d
- echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
-
- diropts -m0700
- keepdir ${SSL_CNF_DIR}/private
-}
-
-pkg_postinst() {
- ebegin "Running 'openssl rehash ${EROOT}${SSL_CNF_DIR}/certs' to
rebuild hashes (bug #333069)"
- openssl rehash "${EROOT}${SSL_CNF_DIR}/certs"
- eend $?
-}
