summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThomas Deutschmann <whissi@gentoo.org>2019-01-02 22:57:28 +0100
committerThomas Deutschmann <whissi@gentoo.org>2019-01-02 22:58:20 +0100
commit8d6b4d861cc299d5dd9691a73f9eab81e02d5f6c (patch)
tree80c86b6f7afc34530dd38427a5588b51ed36a78a
parentmedia-gfx/cura: version bump to 3.6.0 (diff)
downloadgentoo-8d6b4d861cc299d5dd9691a73f9eab81e02d5f6c.tar.gz
gentoo-8d6b4d861cc299d5dd9691a73f9eab81e02d5f6c.tar.bz2
gentoo-8d6b4d861cc299d5dd9691a73f9eab81e02d5f6c.zip
dev-libs/openssl: rev bumped to add some cherry-picked patches
Package-Manager: Portage-2.3.53, Repoman-2.3.12 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
-rw-r--r--dev-libs/openssl/files/openssl-1.1.1a-fix-a-minor-nit-in-hkdflabel-size.patch27
-rw-r--r--dev-libs/openssl/files/openssl-1.1.1a-fix-cert-with-rsa-instead-of-rsaEncryption.patch97
-rw-r--r--dev-libs/openssl/files/openssl-1.1.1a-fix-some-SSL_export_keying_material-issues.patch420
-rw-r--r--dev-libs/openssl/files/openssl-1.1.1a-fix-wrong-return-value-in-ssl3_ctx_ctrl.patch26
-rw-r--r--dev-libs/openssl/files/openssl-1.1.1a-make-sure-build_SYS_str_reasons_preserves_errno.patch68
-rw-r--r--dev-libs/openssl/files/openssl-1.1.1a-preserve-errno-on-dlopen.patch51
-rw-r--r--dev-libs/openssl/files/openssl-1.1.1a-preserve-system-error-number-in-a-few-more-places.patch57
-rw-r--r--dev-libs/openssl/files/openssl-1.1.1a-revert-reduce-stack-usage-in-tls13_hkdf_expand.patch56
-rw-r--r--dev-libs/openssl/openssl-1.1.1a-r1.ebuild299
9 files changed, 1101 insertions, 0 deletions
diff --git a/dev-libs/openssl/files/openssl-1.1.1a-fix-a-minor-nit-in-hkdflabel-size.patch b/dev-libs/openssl/files/openssl-1.1.1a-fix-a-minor-nit-in-hkdflabel-size.patch
new file mode 100644
index 00000000000..8014be130ab
--- /dev/null
+++ b/dev-libs/openssl/files/openssl-1.1.1a-fix-a-minor-nit-in-hkdflabel-size.patch
@@ -0,0 +1,27 @@
+From 3be71a31a1dda204bb95462a92cf7f247e64b939 Mon Sep 17 00:00:00 2001
+From: Bernd Edlinger <bernd.edlinger@hotmail.de>
+Date: Sun, 16 Dec 2018 12:43:59 +0100
+Subject: [PATCH] Fix a minor nit in the hkdflabel size
+
+Reviewed-by: Paul Dale <paul.dale@oracle.com>
+Reviewed-by: Matt Caswell <matt@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/7913)
+
+(cherry picked from commit 0b4233f5a4a181a6dcb7c511cd2663e500e659a4)
+---
+ ssl/tls13_enc.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c
+index c3021d18aa9..e36b7d3a066 100644
+--- a/ssl/tls13_enc.c
++++ b/ssl/tls13_enc.c
+@@ -41,7 +41,7 @@ int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret,
+ * + bytes for the hash itself
+ */
+ unsigned char hkdflabel[sizeof(uint16_t) + sizeof(uint8_t) +
+- + sizeof(label_prefix) + TLS13_MAX_LABEL_LEN
++ + (sizeof(label_prefix) - 1) + TLS13_MAX_LABEL_LEN
+ + 1 + EVP_MAX_MD_SIZE];
+ WPACKET pkt;
+
diff --git a/dev-libs/openssl/files/openssl-1.1.1a-fix-cert-with-rsa-instead-of-rsaEncryption.patch b/dev-libs/openssl/files/openssl-1.1.1a-fix-cert-with-rsa-instead-of-rsaEncryption.patch
new file mode 100644
index 00000000000..8f249e22a1d
--- /dev/null
+++ b/dev-libs/openssl/files/openssl-1.1.1a-fix-cert-with-rsa-instead-of-rsaEncryption.patch
@@ -0,0 +1,97 @@
+From c25ae0fff78cb3cb784ef79167329d5cd55b62de Mon Sep 17 00:00:00 2001
+From: Bernd Edlinger <bernd.edlinger@hotmail.de>
+Date: Thu, 27 Dec 2018 22:18:21 +0100
+Subject: [PATCH] Fix cert with rsa instead of rsaEncryption as public key
+ algorithm
+
+Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
+(Merged from https://github.com/openssl/openssl/pull/7962)
+
+(cherry picked from commit 1f483a69bce11c940309edc437eee6e32294d5f2)
+---
+ crypto/rsa/rsa_ameth.c | 9 ++++++---
+ test/certs/root-cert-rsa2.pem | 18 ++++++++++++++++++
+ test/recipes/25-test_verify.t | 4 +++-
+ 3 files changed, 27 insertions(+), 4 deletions(-)
+ create mode 100644 test/certs/root-cert-rsa2.pem
+
+diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c
+index a6595aec054..75debb3e0a9 100644
+--- a/crypto/rsa/rsa_ameth.c
++++ b/crypto/rsa/rsa_ameth.c
+@@ -34,7 +34,7 @@ static int rsa_param_encode(const EVP_PKEY *pkey,
+
+ *pstr = NULL;
+ /* If RSA it's just NULL type */
+- if (pkey->ameth->pkey_id == EVP_PKEY_RSA) {
++ if (pkey->ameth->pkey_id != EVP_PKEY_RSA_PSS) {
+ *pstrtype = V_ASN1_NULL;
+ return 1;
+ }
+@@ -58,7 +58,7 @@ static int rsa_param_decode(RSA *rsa, const X509_ALGOR *alg)
+ int algptype;
+
+ X509_ALGOR_get0(&algoid, &algptype, &algp, alg);
+- if (OBJ_obj2nid(algoid) == EVP_PKEY_RSA)
++ if (OBJ_obj2nid(algoid) != EVP_PKEY_RSA_PSS)
+ return 1;
+ if (algptype == V_ASN1_UNDEF)
+ return 1;
+@@ -109,7 +109,10 @@ static int rsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
+ RSA_free(rsa);
+ return 0;
+ }
+- EVP_PKEY_assign(pkey, pkey->ameth->pkey_id, rsa);
++ if (!EVP_PKEY_assign(pkey, pkey->ameth->pkey_id, rsa)) {
++ RSA_free(rsa);
++ return 0;
++ }
+ return 1;
+ }
+
+diff --git a/test/certs/root-cert-rsa2.pem b/test/certs/root-cert-rsa2.pem
+new file mode 100644
+index 00000000000..b817fdf3e5d
+--- /dev/null
++++ b/test/certs/root-cert-rsa2.pem
+@@ -0,0 +1,18 @@
++-----BEGIN CERTIFICATE-----
++MIIC7DCCAdSgAwIBAgIBATANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
++IENBMCAXDTE2MDExNTA4MTk0OVoYDzIxMTYwMTE2MDgxOTQ5WjASMRAwDgYDVQQD
++DAdSb290IENBMIIBHTAIBgRVCAEBBQADggEPADCCAQoCggEBAOHmAPUGvKBGOHkP
++Px5xGRNtAt8rm3Zr/KywIe3WkQhCO6VjNexSW6CiSsXWAJQDl1o9uWco0n3jIVyk
++7cY8jY6E0Z1Uwz3ZdKKWdmdx+cYaUHez/XjuW+DjjIkjwpoi7D7UN54HzcArVREX
++OjRCHGkNOhiw7RWUXsb9nofGHOeUGpLAXwXBc0PlA94JkckkztiOi34u4DFI0YYq
++alUmeugLNk6XseCkydpcaUsDgAhWg6Mfsiq4wUz+xbFN1MABqu2+ziW97mmt9gfN
++biuhiVT1aOuYCe3JYGbLM2JKA7Bo1g6rX8E1VX79Ru6669y2oqPthX9337VoIkN+
++ZiQjr8UCAwEAAaNQME4wHQYDVR0OBBYEFI71Ja8em2uEPXyAmslTnE1y96NSMB8G
++A1UdIwQYMBaAFI71Ja8em2uEPXyAmslTnE1y96NSMAwGA1UdEwQFMAMBAf8wDQYJ
++KoZIhvcNAQELBQADggEBAJ0OIdog3uQ1pmsjv1Qtf1w4If1geOn5uK0EOj2wYBHt
++NxlFn7l8d9+51QMZFO+RlQJ0s3Webyo1ReuaL2dMn2LGJhWMoSBAwrMALAENU3lv
++8jioRbfO2OamsdpJpKxQUyUJYudNe+BoKNX/ry3rxezmsFsRr9nDMiJZpmBCXiMm
++mFFJOJkG0CheexBbMkua4kyStIOwO4rb5bSHszVso/9ucdGHBSC7oRcJXoWSDjBx
++PdQPPBK5g4yqL8Lz26ehgsmhRKL9k32eVyjDKcIzgpmgcPTfTqNbd1KHQJKx4ssb
++7nEpGKHalSo5Oq5L9s9qYrUv37kwBY4OpJFtmGaodoI=
++-----END CERTIFICATE-----
+diff --git a/test/recipes/25-test_verify.t b/test/recipes/25-test_verify.t
+index 6c3deab7c67..b80a1cde3ed 100644
+--- a/test/recipes/25-test_verify.t
++++ b/test/recipes/25-test_verify.t
+@@ -27,7 +27,7 @@ sub verify {
+ run(app([@args]));
+ }
+
+-plan tests => 134;
++plan tests => 135;
+
+ # Canonical success
+ ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"]),
+@@ -361,6 +361,8 @@ ok(verify("some-names2", "sslserver", ["many-constraints"], ["many-constraints"]
+ "Not too many names and constraints to check (2)");
+ ok(verify("some-names2", "sslserver", ["many-constraints"], ["many-constraints"], ),
+ "Not too many names and constraints to check (3)");
++ok(verify("root-cert-rsa2", "sslserver", ["root-cert-rsa2"], [], "-check_ss_sig"),
++ "Public Key Algorithm rsa instead of rsaEncryption");
+
+ SKIP: {
+ skip "Ed25519 is not supported by this OpenSSL build", 1
diff --git a/dev-libs/openssl/files/openssl-1.1.1a-fix-some-SSL_export_keying_material-issues.patch b/dev-libs/openssl/files/openssl-1.1.1a-fix-some-SSL_export_keying_material-issues.patch
new file mode 100644
index 00000000000..2db64d83e45
--- /dev/null
+++ b/dev-libs/openssl/files/openssl-1.1.1a-fix-some-SSL_export_keying_material-issues.patch
@@ -0,0 +1,420 @@
+From 0fb2815b873304d145ed00283454fc9f3bd35e6b Mon Sep 17 00:00:00 2001
+From: Matt Caswell <matt@openssl.org>
+Date: Tue, 4 Dec 2018 08:37:04 +0000
+Subject: [PATCH] Fix some SSL_export_keying_material() issues
+
+Fix some issues in tls13_hkdf_expand() which impact the above function
+for TLSv1.3. In particular test that we can use the maximum label length
+in TLSv1.3.
+
+Reviewed-by: Tim Hudson <tjh@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/7755)
+---
+ doc/man3/SSL_export_keying_material.pod | 3 +-
+ ssl/ssl_locl.h | 2 +-
+ ssl/statem/extensions.c | 2 +-
+ ssl/statem/statem_clnt.c | 2 +-
+ ssl/statem/statem_srvr.c | 2 +-
+ ssl/tls13_enc.c | 73 +++++++++++++++++--------
+ test/sslapitest.c | 48 ++++++++++++----
+ test/tls13secretstest.c | 2 +-
+ 8 files changed, 92 insertions(+), 42 deletions(-)
+
+diff --git a/doc/man3/SSL_export_keying_material.pod b/doc/man3/SSL_export_keying_material.pod
+index abebf911fc3..4c81a60ffbb 100644
+--- a/doc/man3/SSL_export_keying_material.pod
++++ b/doc/man3/SSL_export_keying_material.pod
+@@ -59,7 +59,8 @@ B<label> and should be B<llen> bytes long. Typically this will be a value from
+ the IANA Exporter Label Registry
+ (L<https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#exporter-labels>).
+ Alternatively labels beginning with "EXPERIMENTAL" are permitted by the standard
+-to be used without registration.
++to be used without registration. TLSv1.3 imposes a maximum label length of
++249 bytes.
+
+ Note that this function is only defined for TLSv1.0 and above, and DTLSv1.0 and
+ above. Attempting to use it in SSLv3 will result in an error.
+diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
+index 70e5a1740f9..307131de93a 100644
+--- a/ssl/ssl_locl.h
++++ b/ssl/ssl_locl.h
+@@ -2461,7 +2461,7 @@ __owur int tls13_hkdf_expand(SSL *s, const EVP_MD *md,
+ const unsigned char *secret,
+ const unsigned char *label, size_t labellen,
+ const unsigned char *data, size_t datalen,
+- unsigned char *out, size_t outlen);
++ unsigned char *out, size_t outlen, int fatal);
+ __owur int tls13_derive_key(SSL *s, const EVP_MD *md,
+ const unsigned char *secret, unsigned char *key,
+ size_t keylen);
+diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c
+index 63e61c6184a..716d6d23e08 100644
+--- a/ssl/statem/extensions.c
++++ b/ssl/statem/extensions.c
+@@ -1506,7 +1506,7 @@ int tls_psk_do_binder(SSL *s, const EVP_MD *md, const unsigned char *msgstart,
+
+ /* Generate the binder key */
+ if (!tls13_hkdf_expand(s, md, early_secret, label, labelsize, hash,
+- hashsize, binderkey, hashsize)) {
++ hashsize, binderkey, hashsize, 1)) {
+ /* SSLfatal() already called */
+ goto err;
+ }
+diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
+index 5a8f1163dfa..a0e495d8e83 100644
+--- a/ssl/statem/statem_clnt.c
++++ b/ssl/statem/statem_clnt.c
+@@ -2740,7 +2740,7 @@ MSG_PROCESS_RETURN tls_process_new_session_ticket(SSL *s, PACKET *pkt)
+ PACKET_data(&nonce),
+ PACKET_remaining(&nonce),
+ s->session->master_key,
+- hashlen)) {
++ hashlen, 1)) {
+ /* SSLfatal() already called */
+ goto err;
+ }
+diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
+index e7c11c4bea4..a8e862ced55 100644
+--- a/ssl/statem/statem_srvr.c
++++ b/ssl/statem/statem_srvr.c
+@@ -4099,7 +4099,7 @@ int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt)
+ tick_nonce,
+ TICKET_NONCE_SIZE,
+ s->session->master_key,
+- hashlen)) {
++ hashlen, 1)) {
+ /* SSLfatal() already called */
+ goto err;
+ }
+diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c
+index f7ab0fa4704..c3021d18aa9 100644
+--- a/ssl/tls13_enc.c
++++ b/ssl/tls13_enc.c
+@@ -13,7 +13,7 @@
+ #include <openssl/evp.h>
+ #include <openssl/kdf.h>
+
+-#define TLS13_MAX_LABEL_LEN 246
++#define TLS13_MAX_LABEL_LEN 249
+
+ /* Always filled with zeros */
+ static const unsigned char default_zeros[EVP_MAX_MD_SIZE];
+@@ -22,30 +22,47 @@ static const unsigned char default_zeros[EVP_MAX_MD_SIZE];
+ * Given a |secret|; a |label| of length |labellen|; and |data| of length
+ * |datalen| (e.g. typically a hash of the handshake messages), derive a new
+ * secret |outlen| bytes long and store it in the location pointed to be |out|.
+- * The |data| value may be zero length. Returns 1 on success 0 on failure.
++ * The |data| value may be zero length. Any errors will be treated as fatal if
++ * |fatal| is set. Returns 1 on success 0 on failure.
+ */
+ int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret,
+ const unsigned char *label, size_t labellen,
+ const unsigned char *data, size_t datalen,
+- unsigned char *out, size_t outlen)
++ unsigned char *out, size_t outlen, int fatal)
+ {
+- const unsigned char label_prefix[] = "tls13 ";
++ static const unsigned char label_prefix[] = "tls13 ";
+ EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);
+ int ret;
+ size_t hkdflabellen;
+ size_t hashlen;
+ /*
+- * 2 bytes for length of whole HkdfLabel + 1 byte for length of combined
+- * prefix and label + bytes for the label itself + bytes for the hash
++ * 2 bytes for length of derived secret + 1 byte for length of combined
++ * prefix and label + bytes for the label itself + 1 byte length of hash
++ * + bytes for the hash itself
+ */
+ unsigned char hkdflabel[sizeof(uint16_t) + sizeof(uint8_t) +
+ + sizeof(label_prefix) + TLS13_MAX_LABEL_LEN
+- + EVP_MAX_MD_SIZE];
++ + 1 + EVP_MAX_MD_SIZE];
+ WPACKET pkt;
+
+ if (pctx == NULL)
+ return 0;
+
++ if (labellen > TLS13_MAX_LABEL_LEN) {
++ if (fatal) {
++ SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS13_HKDF_EXPAND,
++ ERR_R_INTERNAL_ERROR);
++ } else {
++ /*
++ * Probably we have been called from SSL_export_keying_material(),
++ * or SSL_export_keying_material_early().
++ */
++ SSLerr(SSL_F_TLS13_HKDF_EXPAND, SSL_R_TLS_ILLEGAL_EXPORTER_LABEL);
++ }
++ EVP_PKEY_CTX_free(pctx);
++ return 0;
++ }
++
+ hashlen = EVP_MD_size(md);
+
+ if (!WPACKET_init_static_len(&pkt, hkdflabel, sizeof(hkdflabel), 0)
+@@ -59,8 +76,11 @@ int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret,
+ || !WPACKET_finish(&pkt)) {
+ EVP_PKEY_CTX_free(pctx);
+ WPACKET_cleanup(&pkt);
+- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS13_HKDF_EXPAND,
+- ERR_R_INTERNAL_ERROR);
++ if (fatal)
++ SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS13_HKDF_EXPAND,
++ ERR_R_INTERNAL_ERROR);
++ else
++ SSLerr(SSL_F_TLS13_HKDF_EXPAND, ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+
+@@ -74,9 +94,13 @@ int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret,
+
+ EVP_PKEY_CTX_free(pctx);
+
+- if (ret != 0)
+- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS13_HKDF_EXPAND,
+- ERR_R_INTERNAL_ERROR);
++ if (ret != 0) {
++ if (fatal)
++ SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS13_HKDF_EXPAND,
++ ERR_R_INTERNAL_ERROR);
++ else
++ SSLerr(SSL_F_TLS13_HKDF_EXPAND, ERR_R_INTERNAL_ERROR);
++ }
+
+ return ret == 0;
+ }
+@@ -91,7 +115,7 @@ int tls13_derive_key(SSL *s, const EVP_MD *md, const unsigned char *secret,
+ static const unsigned char keylabel[] = "key";
+
+ return tls13_hkdf_expand(s, md, secret, keylabel, sizeof(keylabel) - 1,
+- NULL, 0, key, keylen);
++ NULL, 0, key, keylen, 1);
+ }
+
+ /*
+@@ -104,7 +128,7 @@ int tls13_derive_iv(SSL *s, const EVP_MD *md, const unsigned char *secret,
+ static const unsigned char ivlabel[] = "iv";
+
+ return tls13_hkdf_expand(s, md, secret, ivlabel, sizeof(ivlabel) - 1,
+- NULL, 0, iv, ivlen);
++ NULL, 0, iv, ivlen, 1);
+ }
+
+ int tls13_derive_finishedkey(SSL *s, const EVP_MD *md,
+@@ -114,7 +138,7 @@ int tls13_derive_finishedkey(SSL *s, const EVP_MD *md,
+ static const unsigned char finishedlabel[] = "finished";
+
+ return tls13_hkdf_expand(s, md, secret, finishedlabel,
+- sizeof(finishedlabel) - 1, NULL, 0, fin, finlen);
++ sizeof(finishedlabel) - 1, NULL, 0, fin, finlen, 1);
+ }
+
+ /*
+@@ -177,7 +201,7 @@ int tls13_generate_secret(SSL *s, const EVP_MD *md,
+ if (!tls13_hkdf_expand(s, md, prevsecret,
+ (unsigned char *)derived_secret_label,
+ sizeof(derived_secret_label) - 1, hash, mdlen,
+- preextractsec, mdlen)) {
++ preextractsec, mdlen, 1)) {
+ /* SSLfatal() already called */
+ EVP_PKEY_CTX_free(pctx);
+ return 0;
+@@ -337,7 +361,7 @@ static int derive_secret_key_and_iv(SSL *s, int sending, const EVP_MD *md,
+ hashlen = (size_t)hashleni;
+
+ if (!tls13_hkdf_expand(s, md, insecret, label, labellen, hash, hashlen,
+- secret, hashlen)) {
++ secret, hashlen, 1)) {
+ /* SSLfatal() already called */
+ goto err;
+ }
+@@ -517,7 +541,8 @@ int tls13_change_cipher_state(SSL *s, int which)
+ early_exporter_master_secret,
+ sizeof(early_exporter_master_secret) - 1,
+ hashval, hashlen,
+- s->early_exporter_master_secret, hashlen)) {
++ s->early_exporter_master_secret, hashlen,
++ 1)) {
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR,
+ SSL_F_TLS13_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
+ goto err;
+@@ -604,7 +629,7 @@ int tls13_change_cipher_state(SSL *s, int which)
+ resumption_master_secret,
+ sizeof(resumption_master_secret) - 1,
+ hashval, hashlen, s->resumption_master_secret,
+- hashlen)) {
++ hashlen, 1)) {
+ /* SSLfatal() already called */
+ goto err;
+ }
+@@ -624,7 +649,7 @@ int tls13_change_cipher_state(SSL *s, int which)
+ exporter_master_secret,
+ sizeof(exporter_master_secret) - 1,
+ hash, hashlen, s->exporter_master_secret,
+- hashlen)) {
++ hashlen, 1)) {
+ /* SSLfatal() already called */
+ goto err;
+ }
+@@ -738,10 +763,10 @@ int tls13_export_keying_material(SSL *s, unsigned char *out, size_t olen,
+ || EVP_DigestFinal_ex(ctx, data, &datalen) <= 0
+ || !tls13_hkdf_expand(s, md, s->exporter_master_secret,
+ (const unsigned char *)label, llen,
+- data, datalen, exportsecret, hashsize)
++ data, datalen, exportsecret, hashsize, 0)
+ || !tls13_hkdf_expand(s, md, exportsecret, exporterlabel,
+ sizeof(exporterlabel) - 1, hash, hashsize,
+- out, olen))
++ out, olen, 0))
+ goto err;
+
+ ret = 1;
+@@ -797,10 +822,10 @@ int tls13_export_keying_material_early(SSL *s, unsigned char *out, size_t olen,
+ || EVP_DigestFinal_ex(ctx, data, &datalen) <= 0
+ || !tls13_hkdf_expand(s, md, s->early_exporter_master_secret,
+ (const unsigned char *)label, llen,
+- data, datalen, exportsecret, hashsize)
++ data, datalen, exportsecret, hashsize, 0)
+ || !tls13_hkdf_expand(s, md, exportsecret, exporterlabel,
+ sizeof(exporterlabel) - 1, hash, hashsize,
+- out, olen))
++ out, olen, 0))
+ goto err;
+
+ ret = 1;
+diff --git a/test/sslapitest.c b/test/sslapitest.c
+index 108d57e4781..a4bbb4fead4 100644
+--- a/test/sslapitest.c
++++ b/test/sslapitest.c
+@@ -4028,20 +4028,25 @@ static int test_serverinfo(int tst)
+ * no test vectors so all we do is test that both sides of the communication
+ * produce the same results for different protocol versions.
+ */
++#define SMALL_LABEL_LEN 10
++#define LONG_LABEL_LEN 249
+ static int test_export_key_mat(int tst)
+ {
+ int testresult = 0;
+ SSL_CTX *cctx = NULL, *sctx = NULL, *sctx2 = NULL;
+ SSL *clientssl = NULL, *serverssl = NULL;
+- const char label[] = "test label";
++ const char label[LONG_LABEL_LEN + 1] = "test label";
+ const unsigned char context[] = "context";
+ const unsigned char *emptycontext = NULL;
+ unsigned char ckeymat1[80], ckeymat2[80], ckeymat3[80];
+ unsigned char skeymat1[80], skeymat2[80], skeymat3[80];
++ size_t labellen;
+ const int protocols[] = {
+ TLS1_VERSION,
+ TLS1_1_VERSION,
+ TLS1_2_VERSION,
++ TLS1_3_VERSION,
++ TLS1_3_VERSION,
+ TLS1_3_VERSION
+ };
+
+@@ -4058,7 +4063,7 @@ static int test_export_key_mat(int tst)
+ return 1;
+ #endif
+ #ifdef OPENSSL_NO_TLS1_3
+- if (tst == 3)
++ if (tst >= 3)
+ return 1;
+ #endif
+ if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(),
+@@ -4076,33 +4081,52 @@ static int test_export_key_mat(int tst)
+ SSL_ERROR_NONE)))
+ goto end;
+
++ if (tst == 5) {
++ /*
++ * TLSv1.3 imposes a maximum label len of 249 bytes. Check we fail if we
++ * go over that.
++ */
++ if (!TEST_int_le(SSL_export_keying_material(clientssl, ckeymat1,
++ sizeof(ckeymat1), label,
++ LONG_LABEL_LEN + 1, context,
++ sizeof(context) - 1, 1), 0))
++ goto end;
++
++ testresult = 1;
++ goto end;
++ } else if (tst == 4) {
++ labellen = LONG_LABEL_LEN;
++ } else {
++ labellen = SMALL_LABEL_LEN;
++ }
++
+ if (!TEST_int_eq(SSL_export_keying_material(clientssl, ckeymat1,
+ sizeof(ckeymat1), label,
+- sizeof(label) - 1, context,
++ labellen, context,
+ sizeof(context) - 1, 1), 1)
+ || !TEST_int_eq(SSL_export_keying_material(clientssl, ckeymat2,
+ sizeof(ckeymat2), label,
+- sizeof(label) - 1,
++ labellen,
+ emptycontext,
+ 0, 1), 1)
+ || !TEST_int_eq(SSL_export_keying_material(clientssl, ckeymat3,
+ sizeof(ckeymat3), label,
+- sizeof(label) - 1,
++ labellen,
+ NULL, 0, 0), 1)
+ || !TEST_int_eq(SSL_export_keying_material(serverssl, skeymat1,
+ sizeof(skeymat1), label,
+- sizeof(label) - 1,
++ labellen,
+ context,
+ sizeof(context) -1, 1),
+ 1)
+ || !TEST_int_eq(SSL_export_keying_material(serverssl, skeymat2,
+ sizeof(skeymat2), label,
+- sizeof(label) - 1,
++ labellen,
+ emptycontext,
+ 0, 1), 1)
+ || !TEST_int_eq(SSL_export_keying_material(serverssl, skeymat3,
+ sizeof(skeymat3), label,
+- sizeof(label) - 1,
++ labellen,
+ NULL, 0, 0), 1)
+ /*
+ * Check that both sides created the same key material with the
+@@ -4131,10 +4155,10 @@ static int test_export_key_mat(int tst)
+ * Check that an empty context and no context produce different results in
+ * protocols less than TLSv1.3. In TLSv1.3 they should be the same.
+ */
+- if ((tst != 3 && !TEST_mem_ne(ckeymat2, sizeof(ckeymat2), ckeymat3,
++ if ((tst < 3 && !TEST_mem_ne(ckeymat2, sizeof(ckeymat2), ckeymat3,
+ sizeof(ckeymat3)))
+- || (tst ==3 && !TEST_mem_eq(ckeymat2, sizeof(ckeymat2), ckeymat3,
+- sizeof(ckeymat3))))
++ || (tst >= 3 && !TEST_mem_eq(ckeymat2, sizeof(ckeymat2), ckeymat3,
++ sizeof(ckeymat3))))
+ goto end;
+
+ testresult = 1;
+@@ -5909,7 +5933,7 @@ int setup_tests(void)
+ ADD_ALL_TESTS(test_custom_exts, 3);
+ #endif
+ ADD_ALL_TESTS(test_serverinfo, 8);
+- ADD_ALL_TESTS(test_export_key_mat, 4);
++ ADD_ALL_TESTS(test_export_key_mat, 6);
+ #ifndef OPENSSL_NO_TLS1_3
+ ADD_ALL_TESTS(test_export_key_mat_early, 3);
+ #endif
+diff --git a/test/tls13secretstest.c b/test/tls13secretstest.c
+index 319df17bab0..de318df02b4 100644
+--- a/test/tls13secretstest.c
++++ b/test/tls13secretstest.c
+@@ -226,7 +226,7 @@ static int test_secret(SSL *s, unsigned char *prk,
+ }
+
+ if (!tls13_hkdf_expand(s, md, prk, label, labellen, hash, hashsize,
+- gensecret, hashsize)) {
++ gensecret, hashsize, 1)) {
+ TEST_error("Secret generation failed");
+ return 0;
+ }
diff --git a/dev-libs/openssl/files/openssl-1.1.1a-fix-wrong-return-value-in-ssl3_ctx_ctrl.patch b/dev-libs/openssl/files/openssl-1.1.1a-fix-wrong-return-value-in-ssl3_ctx_ctrl.patch
new file mode 100644
index 00000000000..c2f8bb638b3
--- /dev/null
+++ b/dev-libs/openssl/files/openssl-1.1.1a-fix-wrong-return-value-in-ssl3_ctx_ctrl.patch
@@ -0,0 +1,26 @@
+From 3ccccb91ae1c07a4310778b3d7ba74ff4ff787f0 Mon Sep 17 00:00:00 2001
+From: Paul Yang <yang.yang@baishancloud.com>
+Date: Wed, 21 Nov 2018 13:16:27 +0800
+Subject: [PATCH] Fix wrong return value in ssl3_ctx_ctrl
+
+This fixes issue #7677
+
+Reviewed-by: Matt Caswell <matt@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/7678)
+---
+ ssl/s3_lib.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
+index 866ca4dfa9b..99ae48199c2 100644
+--- a/ssl/s3_lib.c
++++ b/ssl/s3_lib.c
+@@ -3781,7 +3781,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
+ EVP_PKEY_security_bits(pkdh), 0, pkdh)) {
+ SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_DH_KEY_TOO_SMALL);
+ EVP_PKEY_free(pkdh);
+- return 1;
++ return 0;
+ }
+ EVP_PKEY_free(ctx->cert->dh_tmp);
+ ctx->cert->dh_tmp = pkdh;
diff --git a/dev-libs/openssl/files/openssl-1.1.1a-make-sure-build_SYS_str_reasons_preserves_errno.patch b/dev-libs/openssl/files/openssl-1.1.1a-make-sure-build_SYS_str_reasons_preserves_errno.patch
new file mode 100644
index 00000000000..cfa84c73a5b
--- /dev/null
+++ b/dev-libs/openssl/files/openssl-1.1.1a-make-sure-build_SYS_str_reasons_preserves_errno.patch
@@ -0,0 +1,68 @@
+From 99992ad22019e752c7b103a45f860a48b6bc0972 Mon Sep 17 00:00:00 2001
+From: Matt Caswell <matt@openssl.org>
+Date: Wed, 21 Nov 2018 11:44:42 +0000
+Subject: [PATCH] Make sure build_SYS_str_reasons() preserves errno
+
+This function can end up being called during ERR_get_error() if we are
+initialising. ERR_get_error() must preserve errno since it gets called via
+SSL_get_error(). If that function returns SSL_ERROR_SYSCALL then you are
+supposed to inspect errno.
+
+Reviewed-by: Richard Levitte <levitte@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/7680)
+
+(cherry picked from commit 71b1ceffc4c795f5db21861dd1016fbe23a53a53)
+---
+
+diff --git a/crypto/err/err.c b/crypto/err/err.c
+index 03cbd73..2eeeab2 100644
+--- a/crypto/err/err.c
++++ b/crypto/err/err.c
+@@ -19,6 +19,7 @@
+ #include <openssl/bio.h>
+ #include <openssl/opensslconf.h>
+ #include "internal/thread_once.h"
++#include "e_os.h"
+
+ static int err_load_strings(const ERR_STRING_DATA *str);
+
+@@ -201,6 +202,7 @@ static void build_SYS_str_reasons(void)
+ static char strerror_tab[NUM_SYS_STR_REASONS][LEN_SYS_STR_REASON];
+ static int init = 1;
+ int i;
++ int saveerrno = get_last_sys_error();
+
+ CRYPTO_THREAD_write_lock(err_string_lock);
+ if (!init) {
+@@ -229,6 +231,8 @@ static void build_SYS_str_reasons(void)
+ init = 0;
+
+ CRYPTO_THREAD_unlock(err_string_lock);
++ /* openssl_strerror_r could change errno, but we want to preserve it */
++ set_sys_error(saveerrno);
+ err_load_strings(SYS_str_reasons);
+ }
+ #endif
+diff --git a/e_os.h b/e_os.h
+index 5340593..8e6efa9 100644
+--- a/e_os.h
++++ b/e_os.h
+@@ -49,6 +49,7 @@
+
+ # define get_last_sys_error() errno
+ # define clear_sys_error() errno=0
++# define set_sys_error(e) errno=(e)
+
+ /********************************************************************
+ The Microsoft section
+@@ -66,8 +67,10 @@
+ # ifdef WIN32
+ # undef get_last_sys_error
+ # undef clear_sys_error
++# undef set_sys_error
+ # define get_last_sys_error() GetLastError()
+ # define clear_sys_error() SetLastError(0)
++# define set_sys_error(e) SetLastError(e)
+ # if !defined(WINNT)
+ # define WIN_CONSOLE_BUG
+ # endif
diff --git a/dev-libs/openssl/files/openssl-1.1.1a-preserve-errno-on-dlopen.patch b/dev-libs/openssl/files/openssl-1.1.1a-preserve-errno-on-dlopen.patch
new file mode 100644
index 00000000000..ed8f2dd96be
--- /dev/null
+++ b/dev-libs/openssl/files/openssl-1.1.1a-preserve-errno-on-dlopen.patch
@@ -0,0 +1,51 @@
+From ef97becf522fc4e2e9d98e6ae7bcb26651883d9a Mon Sep 17 00:00:00 2001
+From: Matt Caswell <matt@openssl.org>
+Date: Wed, 21 Nov 2018 11:57:04 +0000
+Subject: [PATCH] Preserve errno on dlopen
+
+For the same reasons as in the previous commit we must preserve errno
+across dlopen calls. Some implementations (e.g. solaris) do not preserve
+errno even on a successful dlopen call.
+
+Fixes #6953
+
+Reviewed-by: Richard Levitte <levitte@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/7680)
+
+(cherry picked from commit 3cb4e7dc1cf92022f62b9bbdd59695885a1265ff)
+---
+ crypto/dso/dso_dlfcn.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/crypto/dso/dso_dlfcn.c b/crypto/dso/dso_dlfcn.c
+index ad8899c289a..4240f5f5e30 100644
+--- a/crypto/dso/dso_dlfcn.c
++++ b/crypto/dso/dso_dlfcn.c
+@@ -17,6 +17,7 @@
+ #endif
+
+ #include "dso_locl.h"
++#include "e_os.h"
+
+ #ifdef DSO_DLFCN
+
+@@ -99,6 +100,7 @@ static int dlfcn_load(DSO *dso)
+ /* See applicable comments in dso_dl.c */
+ char *filename = DSO_convert_filename(dso, NULL);
+ int flags = DLOPEN_FLAG;
++ int saveerrno = get_last_sys_error();
+
+ if (filename == NULL) {
+ DSOerr(DSO_F_DLFCN_LOAD, DSO_R_NO_FILENAME);
+@@ -118,6 +120,11 @@ static int dlfcn_load(DSO *dso)
+ ERR_add_error_data(4, "filename(", filename, "): ", dlerror());
+ goto err;
+ }
++ /*
++ * Some dlopen() implementations (e.g. solaris) do no preserve errno, even
++ * on a successful call.
++ */
++ set_sys_error(saveerrno);
+ if (!sk_void_push(dso->meth_data, (char *)ptr)) {
+ DSOerr(DSO_F_DLFCN_LOAD, DSO_R_STACK_ERROR);
+ goto err;
diff --git a/dev-libs/openssl/files/openssl-1.1.1a-preserve-system-error-number-in-a-few-more-places.patch b/dev-libs/openssl/files/openssl-1.1.1a-preserve-system-error-number-in-a-few-more-places.patch
new file mode 100644
index 00000000000..84c43a3c3e0
--- /dev/null
+++ b/dev-libs/openssl/files/openssl-1.1.1a-preserve-system-error-number-in-a-few-more-places.patch
@@ -0,0 +1,57 @@
+From 145419423e1a74ae54cdbd3aed8bb15cbd53c7cc Mon Sep 17 00:00:00 2001
+From: Richard Levitte <levitte@openssl.org>
+Date: Fri, 14 Dec 2018 19:33:55 +0100
+Subject: [PATCH] ERR: preserve system error number in a few more places
+
+It turns out that intialization may change the error number, so we
+need to preserve the system error number in functions where
+initialization is called for.
+These are ERR_get_state() and err_shelve_state()
+
+Fixes #7897
+
+Reviewed-by: Matt Caswell <matt@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/7902)
+
+(cherry picked from commit 91c5473035aaf2c0d86e4039c2a29a5b70541905)
+---
+ crypto/err/err.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/crypto/err/err.c b/crypto/err/err.c
+index 5cfb02d821b..aef2543d60b 100644
+--- a/crypto/err/err.c
++++ b/crypto/err/err.c
+@@ -697,6 +697,7 @@ DEFINE_RUN_ONCE_STATIC(err_do_init)
+ ERR_STATE *ERR_get_state(void)
+ {
+ ERR_STATE *state;
++ int saveerrno = get_last_sys_error();
+
+ if (!OPENSSL_init_crypto(OPENSSL_INIT_BASE_ONLY, NULL))
+ return NULL;
+@@ -728,6 +729,7 @@ ERR_STATE *ERR_get_state(void)
+ OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
+ }
+
++ set_sys_error(saveerrno);
+ return state;
+ }
+
+@@ -737,6 +739,8 @@ ERR_STATE *ERR_get_state(void)
+ */
+ int err_shelve_state(void **state)
+ {
++ int saveerrno = get_last_sys_error();
++
+ if (!OPENSSL_init_crypto(OPENSSL_INIT_BASE_ONLY, NULL))
+ return 0;
+
+@@ -747,6 +751,7 @@ int err_shelve_state(void **state)
+ if (!CRYPTO_THREAD_set_local(&err_thread_local, (ERR_STATE*)-1))
+ return 0;
+
++ set_sys_error(saveerrno);
+ return 1;
+ }
+
diff --git a/dev-libs/openssl/files/openssl-1.1.1a-revert-reduce-stack-usage-in-tls13_hkdf_expand.patch b/dev-libs/openssl/files/openssl-1.1.1a-revert-reduce-stack-usage-in-tls13_hkdf_expand.patch
new file mode 100644
index 00000000000..5ea4fb97bfc
--- /dev/null
+++ b/dev-libs/openssl/files/openssl-1.1.1a-revert-reduce-stack-usage-in-tls13_hkdf_expand.patch
@@ -0,0 +1,56 @@
+From ed371b8cbac0d0349667558c061c1ae380cf75eb Mon Sep 17 00:00:00 2001
+From: Matt Caswell <matt@openssl.org>
+Date: Mon, 3 Dec 2018 18:14:57 +0000
+Subject: [PATCH] Revert "Reduce stack usage in tls13_hkdf_expand"
+
+This reverts commit ec0c5f5693e39c5a013f81e6dd9dfd09ec65162d.
+
+SSL_export_keying_material() may use longer label lengths.
+
+Fixes #7712
+
+Reviewed-by: Tim Hudson <tjh@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/7755)
+---
+ ssl/tls13_enc.c | 16 ++++------------
+ 1 file changed, 4 insertions(+), 12 deletions(-)
+
+diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c
+index b6825d20c2d..f7ab0fa4704 100644
+--- a/ssl/tls13_enc.c
++++ b/ssl/tls13_enc.c
+@@ -13,14 +13,7 @@
+ #include <openssl/evp.h>
+ #include <openssl/kdf.h>
+
+-/*
+- * RFC 8446, 7.1 Key Schedule, says:
+- * Note: With common hash functions, any label longer than 12 characters
+- * requires an additional iteration of the hash function to compute.
+- * The labels in this specification have all been chosen to fit within
+- * this limit.
+- */
+-#define TLS13_MAX_LABEL_LEN 12
++#define TLS13_MAX_LABEL_LEN 246
+
+ /* Always filled with zeros */
+ static const unsigned char default_zeros[EVP_MAX_MD_SIZE];
+@@ -36,15 +29,14 @@ int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret,
+ const unsigned char *data, size_t datalen,
+ unsigned char *out, size_t outlen)
+ {
+- static const unsigned char label_prefix[] = "tls13 ";
++ const unsigned char label_prefix[] = "tls13 ";
+ EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);
+ int ret;
+ size_t hkdflabellen;
+ size_t hashlen;
+ /*
+- * 2 bytes for length of derived secret + 1 byte for length of combined
+- * prefix and label + bytes for the label itself + 1 byte length of hash
+- * + bytes for the hash itself
++ * 2 bytes for length of whole HkdfLabel + 1 byte for length of combined
++ * prefix and label + bytes for the label itself + bytes for the hash
+ */
+ unsigned char hkdflabel[sizeof(uint16_t) + sizeof(uint8_t) +
+ + sizeof(label_prefix) + TLS13_MAX_LABEL_LEN
diff --git a/dev-libs/openssl/openssl-1.1.1a-r1.ebuild b/dev-libs/openssl/openssl-1.1.1a-r1.ebuild
new file mode 100644
index 00000000000..0ad3e058c0c
--- /dev/null
+++ b/dev-libs/openssl/openssl-1.1.1a-r1.ebuild
@@ -0,0 +1,299 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+
+inherit flag-o-matic toolchain-funcs multilib multilib-minimal
+
+MY_P=${P/_/-}
+DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)"
+HOMEPAGE="https://www.openssl.org/"
+SRC_URI="mirror://openssl/source/${MY_P}.tar.gz"
+
+LICENSE="openssl"
+SLOT="0/1.1" # .so version of libssl/libcrypto
+[[ "${PV}" = *_pre* ]] || \
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~x86-linux"
+IUSE="+asm bindist elibc_musl rfc3779 sctp cpu_flags_x86_sse2 sslv3 static-libs test tls-heartbeat vanilla zlib"
+RESTRICT="!bindist? ( bindist )"
+
+RDEPEND=">=app-misc/c_rehash-1.7-r1
+ zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )"
+DEPEND="${RDEPEND}
+ >=dev-lang/perl-5
+ sctp? ( >=net-misc/lksctp-tools-1.0.12 )
+ test? (
+ sys-apps/diffutils
+ sys-devel/bc
+ )"
+PDEPEND="app-misc/ca-certificates"
+
+PATCHES=(
+ "${FILESDIR}"/${P}-make-sure-build_SYS_str_reasons_preserves_errno.patch
+ "${FILESDIR}"/${P}-preserve-errno-on-dlopen.patch
+ "${FILESDIR}"/${P}-fix-wrong-return-value-in-ssl3_ctx_ctrl.patch
+ "${FILESDIR}"/${P}-revert-reduce-stack-usage-in-tls13_hkdf_expand.patch
+ "${FILESDIR}"/${P}-fix-some-SSL_export_keying_material-issues.patch
+ "${FILESDIR}"/${P}-preserve-system-error-number-in-a-few-more-places.patch
+ "${FILESDIR}"/${P}-fix-a-minor-nit-in-hkdflabel-size.patch
+ "${FILESDIR}"/${P}-fix-cert-with-rsa-instead-of-rsaEncryption.patch
+)
+
+# This does not copy the entire Fedora patchset, but JUST the parts that
+# are needed to make it safe to use EC with RESTRICT=bindist.
+# See openssl.spec for the matching numbering of SourceNNN, PatchNNN
+SOURCE1=hobble-openssl
+SOURCE12=ec_curve.c
+SOURCE13=ectest.c
+PATCH37=openssl-1.1.1-ec-curves.patch
+FEDORA_GIT_BASE='https://src.fedoraproject.org/cgit/rpms/openssl.git/plain/'
+FEDORA_GIT_BRANCH='f29'
+FEDORA_SRC_URI=()
+FEDORA_SOURCE=( ${SOURCE1} ${SOURCE12} ${SOURCE13} )
+FEDORA_PATCH=( ${PATCH37} )
+for i in "${FEDORA_SOURCE[@]}" ; do
+ FEDORA_SRC_URI+=( "${FEDORA_GIT_BASE}/${i}?h=${FEDORA_GIT_BRANCH} -> ${P}_${i}" )
+done
+for i in "${FEDORA_PATCH[@]}" ; do # Already have a version prefix
+ FEDORA_SRC_URI+=( "${FEDORA_GIT_BASE}/${i}?h=${FEDORA_GIT_BRANCH} -> ${i}" )
+done
+SRC_URI+=" bindist? ( ${FEDORA_SRC_URI[@]} )"
+
+S="${WORKDIR}/${MY_P}"
+
+MULTILIB_WRAPPED_HEADERS=(
+ usr/include/openssl/opensslconf.h
+)
+
+src_prepare() {
+ if use bindist; then
+ # This just removes the prefix, and puts it into WORKDIR like the RPM.
+ for i in "${FEDORA_SOURCE[@]}" ; do
+ cp -f "${DISTDIR}"/"${P}_${i}" "${WORKDIR}"/"${i}" || die
+ done
+ # .spec %prep
+ bash "${WORKDIR}"/"${SOURCE1}" || die
+ cp -f "${WORKDIR}"/"${SOURCE12}" "${S}"/crypto/ec/ || die
+ cp -f "${WORKDIR}"/"${SOURCE13}" "${S}"/test/ || die
+ for i in "${FEDORA_PATCH[@]}" ; do
+ eapply "${DISTDIR}"/"${i}"
+ done
+ # Also see the configure parts below:
+ # enable-ec \
+ # $(use_ssl !bindist ec2m) \
+
+ fi
+
+ # keep this in sync with app-misc/c_rehash
+ SSL_CNF_DIR="/etc/ssl"
+
+ # Make sure we only ever touch Makefile.org and avoid patching a file
+ # that gets blown away anyways by the Configure script in src_configure
+ rm -f Makefile
+
+ if ! use vanilla ; then
+ if [[ $(declare -p PATCHES 2>/dev/null) == "declare -a"* ]] ; then
+ [[ ${#PATCHES[@]} -gt 0 ]] && eapply "${PATCHES[@]}"
+ fi
+ fi
+
+ eapply_user #332661
+
+ # make sure the man pages are suffixed #302165
+ # don't bother building man pages if they're disabled
+ # Make DOCDIR Gentoo compliant
+ sed -i \
+ -e '/^MANSUFFIX/s:=.*:=ssl:' \
+ -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
+ -e $(has noman FEATURES \
+ && echo '/^install:/s:install_docs::' \
+ || echo '/^MANDIR=/s:=.*:='${EPREFIX%/}'/usr/share/man:') \
+ -e "/^DOCDIR/s@\$(BASENAME)@&-${PVR}@" \
+ Configurations/unix-Makefile.tmpl \
+ || die
+
+ # quiet out unknown driver argument warnings since openssl
+ # doesn't have well-split CFLAGS and we're making it even worse
+ # and 'make depend' uses -Werror for added fun (#417795 again)
+ [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments
+
+ # allow openssl to be cross-compiled
+ cp "${FILESDIR}"/gentoo.config-1.0.2 gentoo.config || die
+ chmod a+rx gentoo.config || die
+
+ append-flags -fno-strict-aliasing
+ append-flags $(test-flags-CC -Wa,--noexecstack)
+ append-cppflags -DOPENSSL_NO_BUF_FREELISTS
+
+ # Prefixify Configure shebang (#141906)
+ sed \
+ -e "1s,/usr/bin/env,${EPREFIX%/}&," \
+ -i Configure || die
+ # Remove test target when FEATURES=test isn't set
+ if ! use test ; then
+ sed \
+ -e '/^$config{dirs}/s@ "test",@@' \
+ -i Configure || die
+ fi
+ # The config script does stupid stuff to prompt the user. Kill it.
+ sed -i '/stty -icanon min 0 time 50; read waste/d' config || die
+ ./config --test-sanity || die "I AM NOT SANE"
+
+ multilib_copy_sources
+}
+
+multilib_src_configure() {
+ unset APPS #197996
+ unset SCRIPTS #312551
+ unset CROSS_COMPILE #311473
+
+ tc-export CC AR RANLIB RC
+
+ # Clean out patent-or-otherwise-encumbered code
+ # Camellia: Royalty Free https://en.wikipedia.org/wiki/Camellia_(cipher)
+ # IDEA: Expired https://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
+ # EC: ????????? ??/??/2015 https://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
+ # MDC2: Expired https://en.wikipedia.org/wiki/MDC-2
+ # RC5: Expired https://en.wikipedia.org/wiki/RC5
+
+ use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
+ echoit() { echo "$@" ; "$@" ; }
+
+ local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
+
+ # See if our toolchain supports __uint128_t. If so, it's 64bit
+ # friendly and can use the nicely optimized code paths. #460790
+ local ec_nistp_64_gcc_128
+ # Disable it for now though #469976
+ #if ! use bindist ; then
+ # echo "__uint128_t i;" > "${T}"/128.c
+ # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
+ # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
+ # fi
+ #fi
+
+ local sslout=$(./gentoo.config)
+ einfo "Use configuration ${sslout:-(openssl knows best)}"
+ local config="Configure"
+ [[ -z ${sslout} ]] && config="config"
+
+ # Fedora hobbled-EC needs 'no-ec2m'
+ # 'srp' was restricted until early 2017 as well.
+ # "disable-deprecated" option breaks too many consumers.
+ # Don't set it without thorough revdeps testing.
+ echoit \
+ ./${config} \
+ ${sslout} \
+ $(use cpu_flags_x86_sse2 || echo "no-sse2") \
+ enable-camellia \
+ enable-ec \
+ $(use_ssl !bindist ec2m) \
+ enable-srp \
+ $(use elibc_musl && echo "no-async") \
+ ${ec_nistp_64_gcc_128} \
+ enable-idea \
+ enable-mdc2 \
+ enable-rc5 \
+ $(use_ssl sslv3 ssl3) \
+ $(use_ssl sslv3 ssl3-method) \
+ $(use_ssl asm) \
+ $(use_ssl rfc3779) \
+ $(use_ssl sctp) \
+ $(use_ssl tls-heartbeat heartbeats) \
+ $(use_ssl zlib) \
+ --prefix="${EPREFIX%/}"/usr \
+ --openssldir="${EPREFIX%/}"${SSL_CNF_DIR} \
+ --libdir=$(get_libdir) \
+ shared threads \
+ || die
+
+ # Clean out hardcoded flags that openssl uses
+ # Fix quoting for sed
+ local DEFAULT_CFLAGS=$(grep ^CFLAGS= Makefile | LC_ALL=C sed \
+ -e 's:^CFLAGS=::' \
+ -e 's:-fomit-frame-pointer ::g' \
+ -e 's:-O[0-9] ::g' \
+ -e 's:-march=[-a-z0-9]* ::g' \
+ -e 's:-mcpu=[-a-z0-9]* ::g' \
+ -e 's:-m[a-z0-9]* ::g' \
+ -e 's:\\:\\\\:g' \
+ )
+ sed -i \
+ -e "/^CFLAGS=/s|=.*|=${DEFAULT_CFLAGS} ${CFLAGS}|" \
+ -e "/^LDFLAGS=/s|=[[:space:]]*$|=${LDFLAGS}|" \
+ Makefile || die
+}
+
+multilib_src_compile() {
+ # depend is needed to use $confopts; it also doesn't matter
+ # that it's -j1 as the code itself serializes subdirs
+ emake -j1 depend
+ emake all
+}
+
+multilib_src_test() {
+ emake -j1 test
+}
+
+multilib_src_install() {
+ # We need to create $ED/usr on our own to avoid a race condition #665130
+ if [[ ! -d "${ED%/}/usr" ]]; then
+ # We can only create this directory once
+ mkdir "${ED%/}"/usr || die
+ fi
+
+ emake DESTDIR="${D%/}" install
+}
+
+multilib_src_install_all() {
+ # openssl installs perl version of c_rehash by default, but
+ # we provide a shell version via app-misc/c_rehash
+ rm "${ED%/}"/usr/bin/c_rehash || die
+
+ dodoc CHANGES* FAQ NEWS README doc/*.txt doc/${PN}-c-indent.el
+
+ # This is crappy in that the static archives are still built even
+ # when USE=static-libs. But this is due to a failing in the openssl
+ # build system: the static archives are built as PIC all the time.
+ # Only way around this would be to manually configure+compile openssl
+ # twice; once with shared lib support enabled and once without.
+ use static-libs || rm -f "${ED%/}"/usr/lib*/lib*.a
+
+ # create the certs directory
+ keepdir ${SSL_CNF_DIR}/certs
+
+ # Namespace openssl programs to prevent conflicts with other man pages
+ cd "${ED%/}"/usr/share/man || die
+ local m d s
+ for m in $(find . -type f | xargs grep -L '#include') ; do
+ d=${m%/*} ; d=${d#./} ; m=${m##*/}
+ [[ ${m} == openssl.1* ]] && continue
+ [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!"
+ mv ${d}/{,ssl-}${m}
+ # fix up references to renamed man pages
+ sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m}
+ ln -s ssl-${m} ${d}/openssl-${m}
+ # locate any symlinks that point to this man page ... we assume
+ # that any broken links are due to the above renaming
+ for s in $(find -L ${d} -type l) ; do
+ s=${s##*/}
+ rm -f ${d}/${s}
+ # We don't want to "|| die" here
+ ln -s ssl-${m} ${d}/ssl-${s}
+ ln -s ssl-${s} ${d}/openssl-${s}
+ done
+ done
+ [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("
+
+ dodir /etc/sandbox.d #254521
+ echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED%/}"/etc/sandbox.d/10openssl
+
+ diropts -m0700
+ keepdir ${SSL_CNF_DIR}/private
+}
+
+pkg_postinst() {
+ ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"
+ c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null
+ eend $?
+}